Put Bucket Referer

Last Updated: Mar 20, 2017

With the Put Bucket Referer operation, you can set the referer access white list of a bucket and whether the access request with the referer field being null is allowed. For details about bucket referer, see OSS Anti-Leech.

Request syntax

  1. PUT /?referer HTTP/1.1
  2. Date: GMT Date
  3. Content-LengthContentLength
  4. Content-Type: application/xml
  5. Host: BucketName.oss.aliyuncs.com
  6. Authorization: SignatureValue
  7. <?xml version="1.0" encoding="UTF-8"?>
  8. <RefererConfiguration>
  9. <AllowEmptyReferer>true</AllowEmptyReferer >
  10. <RefererList>
  11. <Referer> http://www.aliyun.com</Referer>
  12. <Referer> https://www.aliyun.com</Referer>
  13. <Referer> http://www.*.com</Referer>
  14. <Referer> https://www.?.aliyuncs.com</Referer>
  15. </RefererList>
  16. </RefererConfiguration>

Request elements

Name Description Required?
RefererConfiguration The container that saves the Referer configuration content
Type: container
Sub-nodes: AllowEmptyReferer node and RefererList node
Parent node: none
Yes
AllowEmptyReferer Specify whether the access request with the referer field being null is allowed.
Type: enumerative string
Valid value: true or false Default value: true
Parent node: RefererConfiguration
Yes
RefererList The container that saves the referer access whitelist.
Type: container
Parent node: RefererConfiguration
Sub-node: Referer
Yes
RefererList Specify a referer access whitelist.
Type: string
Parent node: RefererList
Optional

Detail analysis

  1. Only the bucket owner can initiate a Put Bucket Referer request. Otherwise, the message of 403 Forbidden will be returned. Error code: AccessDenied.
  2. The configuration specified in AllowEmptyReferer replaces the previous AllowEmptyReferer configuration. This field is mandatory. By default, AllowEmptyReferer in the system is configured as true.
  3. This operation overwrites the previously configured whitelist with the whitelist in the RefererList. When the user-uploaded RefererList is empty (containing no referer request element), this operation overwrites the configured whitelist, that is, the previously configured RefererList is deleted.
  4. If you have uploaded the Content-MD5 request header, the OSS will calculate the body’s Content-MD5 and check if the two are the same. If the two are different, the error code: InvalidDigest will be returned.

Example

Request example:

Example of a request with no referer contained:

  1. PUT /?referer HTTP/1.1
  2. Host: oss-example.oss.aliyuncs.com
  3. Content-Length: 247
  4. Date: Fri, 04 May 2012 03:21:12 GMT
  5. Authorization: OSS qn6qrrqxo2oawuk53otfjbyc:KU5h8YMUC78M30dXqf3JxrTZHiA=
  6. <?xml version="1.0" encoding="UTF-8"?>
  7. <RefererConfiguration>
  8. <AllowEmptyReferer>true</AllowEmptyReferer >
  9. < RefererList />
  10. </RefererConfiguration>

Example of a request with referer contained:

  1. PUT /?referer HTTP/1.1
  2. Host: oss-example.oss.aliyuncs.com
  3. Content-Length: 247
  4. Date: Fri, 04 May 2012 03:21:12 GMT
  5. Authorization: OSS qn6qrrqxo2oawuk53otfjbyc:KU5h8YMUC78M30dXqf3JxrTZHiA=
  6. <?xml version="1.0" encoding="UTF-8"?>
  7. <RefererConfiguration>
  8. <AllowEmptyReferer>true</AllowEmptyReferer >
  9. < RefererList>
  10. <Referer> http://www.aliyun.com</Referer>
  11. <Referer> https://www.aliyun.com</Referer>
  12. <Referer> http://www.*.com</Referer>
  13. <Referer> https://www.?.aliyuncs.com</Referer>
  14. </ RefererList>
  15. </RefererConfiguration>

Response example:

  1. HTTP/1.1 200 OK
  2. x-oss-request-id: 534B371674E88A4D8906008B
  3. Date: Fri, 04 May 2012 03:21:12 GMT
  4. Content-Length: 0
  5. Connection: keep-alive
  6. Server: AliyunOSS
Thank you! We've received your feedback.