Anti-leech

Last Updated: Jun 27, 2017

OSS is a Pay-As-You-Go service. To prevent users’ data on the OSS from being leeched, the OSS supports anti-leech based on the referer field in the HTTP header. For more information about the OSS anti-leech feature, refer to Anti-leech settings.

Configure a Referer whitelist

Use putBucketReferer to set a referer whitelist:

  1. var co = require('co');
  2. var OSS = require('ali-oss')
  3. var client = new OSS({
  4. region: '<Your region>'
  5. accessKeyId: '<Your AccessKeyId>',
  6. accessKeySecret: '<Your AccessKeySecret>',
  7. bucket: '<Your bucket name>'
  8. });
  9. co(function* () {
  10. var result = yield client.putBucketReferer('bucket-name', 'region', true, [
  11. 'my-domain.com',
  12. '*.example.com'
  13. ]);
  14. console.log(result);
  15. }).catch(function (err) {
  16. console.log(err);
  17. });

View a Referer whitelist

Use getBucketReferer to view a referer whitelist:

  1. var co = require('co');
  2. var OSS = require('ali-oss')
  3. var client = new OSS({
  4. region: '<Your region>'
  5. accessKeyId: '<Your AccessKeyId>',
  6. accessKeySecret: '<Your AccessKeySecret>',
  7. bucket: '<Your bucket name>'
  8. });
  9. co(function* () {
  10. var result = yield client.getBucketReferer('bucket-name', 'region');
  11. console.log(result);
  12. }).catch(function (err) {
  13. console.log(err);
  14. });

Clear a Referer whitelist

Use deleteBucketReferer to clear a referer whitelist:

  1. var co = require('co');
  2. var OSS = require('ali-oss')
  3. var client = new OSS({
  4. region: '<Your region>'
  5. accessKeyId: '<Your AccessKeyId>',
  6. accessKeySecret: '<Your AccessKeySecret>',
  7. bucket: '<Your bucket name>'
  8. });
  9. co(function* () {
  10. var result = yield client.deleteBucketReferer('bucket-name', 'region');
  11. console.log(result);
  12. }).catch(function (err) {
  13. console.log(err);
  14. });
Thank you! We've received your feedback.