1
0
Fork 0
mirror of https://github.com/Luzifer/past3.git synced 2024-12-22 12:21:16 +00:00

Document CORS policy

This commit is contained in:
Knut Ahlers 2017-01-15 13:57:41 +01:00
parent e6a6c4c300
commit fb8c932654
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
3 changed files with 17 additions and 2 deletions

View file

@ -10,7 +10,7 @@ PaS(t)3 is a S3 file editor with Google authentication using Amazon Cognito. It
1. Add an oAuth consent screen for your application (API Manager -> Credentials)
1. Create credentials for a "Web application", add your URL as an "Authorized JavaScript origin"
1. Put Client Id into the `config.yml`
1. Create a S3 bucket
1. Create a S3 bucket and add the CORS policy
1. Create an Amazon Cognito Federated Identity Pool
1. Add the policy documented in `cognito_auth_policy.json` as "Authenticated Role"
1. Set the Google Client ID in the Google+ tab in "Authentication providers"

View file

@ -8,7 +8,7 @@ acl: public-read
# Base URL for the uploaded files, either S3 download URL or CloudFront
# distribution URL to which the file path is appended for display in the
# interface
base_url: https://s3-eu-west-1.amazonaws.com/past3/
base_url: https://paste.luzifer.io/
# Theme name (lowercase) of Bootswatch.com theme (Optional, when not
# specified the original bootstrap theme is used)

15
cors.xml Normal file
View file

@ -0,0 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://paste.luzifer.io</AllowedOrigin>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<ExposeHeader>ETag</ExposeHeader>
<ExposeHeader>x-amz-meta-custom-header</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>