From fb8c9326543278901d809d8dc7b049518be55d04 Mon Sep 17 00:00:00 2001 From: Knut Ahlers Date: Sun, 15 Jan 2017 13:57:41 +0100 Subject: [PATCH] Document CORS policy --- README.md | 2 +- config.yml | 2 +- cors.xml | 15 +++++++++++++++ 3 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 cors.xml diff --git a/README.md b/README.md index 32a1a2d..2b264eb 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ PaS(t)3 is a S3 file editor with Google authentication using Amazon Cognito. It 1. Add an oAuth consent screen for your application (API Manager -> Credentials) 1. Create credentials for a "Web application", add your URL as an "Authorized JavaScript origin" 1. Put Client Id into the `config.yml` -1. Create a S3 bucket +1. Create a S3 bucket and add the CORS policy 1. Create an Amazon Cognito Federated Identity Pool 1. Add the policy documented in `cognito_auth_policy.json` as "Authenticated Role" 1. Set the Google Client ID in the Google+ tab in "Authentication providers" diff --git a/config.yml b/config.yml index 65489e3..71f82e8 100644 --- a/config.yml +++ b/config.yml @@ -8,7 +8,7 @@ acl: public-read # Base URL for the uploaded files, either S3 download URL or CloudFront # distribution URL to which the file path is appended for display in the # interface -base_url: https://s3-eu-west-1.amazonaws.com/past3/ +base_url: https://paste.luzifer.io/ # Theme name (lowercase) of Bootswatch.com theme (Optional, when not # specified the original bootstrap theme is used) diff --git a/cors.xml b/cors.xml new file mode 100644 index 0000000..a8c3fde --- /dev/null +++ b/cors.xml @@ -0,0 +1,15 @@ + + + + https://paste.luzifer.io + HEAD + GET + PUT + POST + DELETE + ETag + x-amz-meta-custom-header + * + + +