Cloud9 with Amazon S3 and CORS


#1

Hi all,
Has anyone used Cloud9 with Amazon S3 and CORS?

I’m using and S3 bucket to host some of my javascript libraries which I’m using in my node.js Cloud9 dev environment and a number of other locations including Google Apps Scripts

I had the S3 permissions on the libraries set to Grantee:everyone open/download and everything was fine. I don’t really want to have the libraries open at that level of permissions so I switched from “everyone” to “any authenticated user” and configured CORS on my S3 bucket.

The libraries still work ok in Google but NOT in Cloud9. Even setting the allowed origin to * doesn’t work in cloud9. Heres the CORS:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>https://sites.google.com/*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>DELETE</AllowedMethod>
        <AllowedMethod>HEAD</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
    </CORSRule>
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>DELETE</AllowedMethod>
        <AllowedMethod>HEAD</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

The libraries are accessible in Google sites but not when I serve a site in Cloud9. I’ve tried making the Cloud9 app public and that didn’t work either.

Is there something I’m missing to serve up my libraries?

Many thanks


#2

Hi,

Thank you for writing in. Can you give us an example of how you’re using S3 within your app and what the error response is that you’re getting?

Regards,
​Mutahhir


#3

Hi Mutahhir,

I’m just serving HTML in my app and including the library like this:

<script src="https://s3-eu-west-1.amazonaws.com/mybucket/mylibrary.js"></script>

Paul


#4

Hi Paul,

Running curl on the above link from my machine gives me the following:

curl https://s3-eu-west-1.amazonaws.com/mybucket/mylibrary.js
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>PermanentRedirect</Code>
<Message>The bucket you are attempting to access must be addressed using the specified endpoint. Please send all future requests to this endpoint.</Message>
<Bucket>mybucket</Bucket><Endpoint>s3.amazonaws.com</Endpoint><RequestId>7C5D8C51ADC69B50</RequestId><HostId>MQGK2dK5YTSHJfVeocPzkBH81+rQcStHcXcMGljQfFgA9ZLRGL824Q6vNf1GsNH7eTVLIvI5m38=</HostId></Error>%

Can you try an actual url to test what the response is?

Regards,
​Mutahhir


#5

Hi Mutahhir,

I get access denied using a real library

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>7F6AF89D76534BE8</RequestId><HostId>9NC9ntJf/ffH9hvBTdLnl3s3mVfoB0p0q7+HcYwBW0PmZgs2BhWmh4gUx9+BhJ420MrcPUG2aao=</HostId></Error>

If I set the permissions back to “everyone” curl response with the js library as I would expect.

This behaviour is different when I serve a page within Google Apps script even though the apps script hasn’t authenticated with AWS at the point that the libraries are loaded… or maybe there is some session caching going on there??

Paul


#6

Hi again,

Yes - it looks like CORS isn’t actually working as I thought and comparing the behaviour in Google and in Cloud9 is my mistake.

My cloud9 app isn’t authenticated with AWS at the point it tries to laod the libraries…

May thanks
Paul


#7

Hi Paul,

I’m glad that you were able to get to the bottom of the issue.

Have a great day and happy coding!

Regards,
​Mutahhir


#8

Thanks Mutahhir,

You helped me spot my mistake!

Regards
Paul