Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
AWS Signed Cookie from Signed URL cross domain
@lvthillo

This comment has been minimized.

Copy link

lvthillo commented Nov 20, 2019

Can I just put this script in S3? I've currently setup a CloudFront distribution with S3 as origin. I've uploaded this script in the bucket. When I create a signed URL to this script I'm able to visit the script in my browser but I'm missing some additional context here probably (I'm not a js developer).

@darbelaez

This comment has been minimized.

Copy link
Owner Author

darbelaez commented Nov 20, 2019

@Ivthillo this file would be placed in the CloudFront site it self (the starting page) where your Signed URL is redirecting the user to. The flow would look something like this...

  • website 1 would generate a Signed URL to website 2 (CloudFront) the user can click on or redirected to automatically (i.e. http://mysite.com/landing.html)

  • website 2's "landing.html" file should contain the javascript noted above. This will allow website 2 to switch from using the signed url to now use Signed Cookies based on the information from the Signed URL.

Home this helps

@lvthillo

This comment has been minimized.

Copy link

lvthillo commented Nov 21, 2019

@darbelaez Thank you for the info. Did the setup but it seems the script expects a signed URL with a custom policy. Is this a requirement or can this work with a canned policy too?

@lvthillo

This comment has been minimized.

Copy link

lvthillo commented Nov 21, 2019

Thanks, got it working with the signed URL with custom policy. After doing it, it became clear how the custom policy is used by the signed cookies.

@darbelaez

This comment has been minimized.

Copy link
Owner Author

darbelaez commented Nov 21, 2019

Thanks, got it working with the signed URL with custom policy. After doing it, it became clear how the custom policy is used by the signed cookies.

Yes! forgot to mention that - i was using a Custom policy - did not try it with a Canned policy but i'm it can be made to work with one with some minor modification. Glad to hear it's working for you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.