Anti-leech

Last Updated: Oct 23, 2017

OSS is a Pay-As-You-Go service. To prevent users’ data on OSS from being leeched, OSS supports anti-leech policy based on the field referer in the HTTP header.

For more information about anti-leech, see Anti-leech.

Configure a Referer whitelist

You can use the following code to set a Referer whitelist:

  1. OSSClient client = new OSSClient(endpoint, accessId, accessKey);
  2. List<String> refererList = new ArrayList<String>();
  3. // Add a referer item
  4. refererList.add("http://www.aliyun.com");
  5. refererList.add("http://www.*.com");
  6. refererList.add("http://www.?.aliyuncs.com");
  7. // Allow the referer field to be blank and set the Bucket Referer list
  8. BucketReferer br = new BucketReferer(true, refererList);
  9. client.setBucketReferer(bucketName, br);

Note: The referer parameters support the wildcard * and ?. For more information about rule configuration, see the Anti-leech section in the developer guide.

Retrieve a Referer whitelist

  1. // Retrieve the bucket referer list
  2. br = client.getBucketReferer(bucketName);
  3. refererList = br.getRefererList();
  4. for (String referer : refererList) {
  5. System.out.println(referer);
  6. }
  1. Example of output results:
  2. http://www.aliyun.com
  3. http://www.*.com"
  4. http://www.?.aliyuncs.com

Clear a Referer whitelist

The Referer whitelist cannot be cleared directly. You can only reset it to overwrite the previous rules.

  1. OSSClient client = new OSSClient(endpoint, accessId, accessKey);
  2. // Allow a blank referer field and a blank referer whitelist by default.
  3. BucketReferer br = new BucketReferer();
  4. client.setBucketReferer(bucketName, br);
Thank you! We've received your feedback.