edit-icon download-icon

Anti-leech

Last Updated: Nov 06, 2017

The OSS is a Pay-As-You-Go service. To prevent users’ data on the OSS from being leeched, OSS supports anti-leech based on the referer field in the HTTP header. For more information about the OSS anti-leech features, see Anti-leech settings.

Configure a Referer whitelist

The following code uses Bucket#referer= to configure a referer whitelist:

  1. require 'aliyun/oss'
  2. client = Aliyun::OSS::Client.new(
  3. endpoint: 'endpoint',
  4. access_key_id: 'AccessKeyId', access_key_secret: 'AccessKeySecret')
  5. bucket = client.get_bucket('my-bucket')
  6. bucket.referer = BucketReferer.new(
  7. allow_empty: true, whitelist: ['my-domain.com', '*.example.com'])

View a referer whitelist

The following code uses Bucket#referer to set a referer whitelist:

  1. require 'aliyun/oss'
  2. client = Aliyun::OSS::Client.new(
  3. endpoint: 'endpoint',
  4. access_key_id: 'AccessKeyId', access_key_secret: 'AccessKeySecret')
  5. bucket = client.get_bucket('my-bucket')
  6. ref = bucket.referer
  7. puts ref.to_s

Clear a referer whitelist

The following code uses Bucket#referer= to clear a referer whitelist:

  1. require 'aliyun/oss'
  2. client = Aliyun::OSS::Client.new(
  3. endpoint: 'endpoint',
  4. access_key_id: 'AccessKeyId', access_key_secret: 'AccessKeySecret')
  5. bucket = client.get_bucket('my-bucket')
  6. bucket.referer = BucketReferer.new(allow_empty: true, whitelist: [])
Thank you! We've received your feedback.