gcloud-node - 如何确保通过签名 URL 上传到 Google Cloud Storage 的文件是公开可读的?
gcloud-node - How do I ensure that files uploaded to Google Cloud Storage via signed URLs are publicly readable?
我想允许客户端(JavaScript 在浏览器中)将文件上传到 Google 云存储,这是我目前通过生成 signed URLs 来完成的。但是,上传的文件默认是私有的。如何确保通过签名 URL 上传的文件是公开可读的?
控制文件 ACL 是通过 header x-goog-acl 处理的,在计算签名 URL 时也必须包括在内。对于 public 可读性,使用值 public-read。
示例客户端代码:
let request = new XMLHttpRequest()
request.onreadystatechange = () => {
if (request.readyState === XMLHttpRequest.DONE) {
if (request.status === 200) {
console.log(`Google Cloud Storage upload was successful:`, request.responseText)
} else {
console.log(`Google Cloud Storage upload was not successful: ${request.status}`)
}
}
}
request.open('PUT', signedUrl, true)
// Don't care about content-type header for signature calculation
request.setRequestHeader('content-type', 'ignore')
request.setRequestHeader('x-goog-acl', 'public-read')
request.send(file)
示例服务器端代码(用于签名 URL):
let gcloud = require('gcloud')
let moment = require('moment')
let gcs = gcloud.storage({
projectId: process.env.GCLOUD_PROJECT_ID,
credentials: {
client_email: process.env.GCLOUD_CLIENT_EMAIL,
private_key: process.env.GCLOUD_PRIVATE_KEY,
},
})
let bucket = gcs.bucket('aBucket')
let cloudFile = bucket.file('aFile')
cloudFile.getSignedUrl({
action: 'write',
expires: moment.utc().add(1, 'days').format(),
contentType: 'ignore',
extensionHeaders: {'x-goog-acl': 'public-read',},
}, (error, signedUrl) => {
if (error != null) {
console.log(`Failed to obtain signed URL for file`)
} else {
console.log(`Got signed URL for file: ${signedUrl}`)
}
})
我想允许客户端(JavaScript 在浏览器中)将文件上传到 Google 云存储,这是我目前通过生成 signed URLs 来完成的。但是,上传的文件默认是私有的。如何确保通过签名 URL 上传的文件是公开可读的?
控制文件 ACL 是通过 header x-goog-acl 处理的,在计算签名 URL 时也必须包括在内。对于 public 可读性,使用值 public-read。
示例客户端代码:
let request = new XMLHttpRequest()
request.onreadystatechange = () => {
if (request.readyState === XMLHttpRequest.DONE) {
if (request.status === 200) {
console.log(`Google Cloud Storage upload was successful:`, request.responseText)
} else {
console.log(`Google Cloud Storage upload was not successful: ${request.status}`)
}
}
}
request.open('PUT', signedUrl, true)
// Don't care about content-type header for signature calculation
request.setRequestHeader('content-type', 'ignore')
request.setRequestHeader('x-goog-acl', 'public-read')
request.send(file)
示例服务器端代码(用于签名 URL):
let gcloud = require('gcloud')
let moment = require('moment')
let gcs = gcloud.storage({
projectId: process.env.GCLOUD_PROJECT_ID,
credentials: {
client_email: process.env.GCLOUD_CLIENT_EMAIL,
private_key: process.env.GCLOUD_PRIVATE_KEY,
},
})
let bucket = gcs.bucket('aBucket')
let cloudFile = bucket.file('aFile')
cloudFile.getSignedUrl({
action: 'write',
expires: moment.utc().add(1, 'days').format(),
contentType: 'ignore',
extensionHeaders: {'x-goog-acl': 'public-read',},
}, (error, signedUrl) => {
if (error != null) {
console.log(`Failed to obtain signed URL for file`)
} else {
console.log(`Got signed URL for file: ${signedUrl}`)
}
})