edit-icon download-icon

Anti-leech

Last Updated: Nov 07, 2017

The OSS is a Pay-As-You-Go service. To prevent users’ data on OSS from being leeched, OSS supports anti-leech based on the referer field in the HTTP header. For more information about the OSS anti-leech feature, see Anti-leech settings.

Note: For the example code of anti-leech configuration, see sample/bucket_referer.go.

Configure a referer whitelist

You can use Bucket.SetBucketReferer to configure a referer whitelist. The function contains the following three parameters:

  • bucketName: The bucket name.
  • referers: The access whitelist. A bucket can support multiple referer parameters. The referer field supports the wildcards * and ?.
  • allowEmptyReferer: Specify whether an access request with the referer field being null is allowed. The default value is true.
  1. import "github.com/aliyun/aliyun-oss-go-sdk/oss"
  2. client, err := oss.New("Endpoint", "AccessKeyId", "AccessKeySecret")
  3. if err != nil {
  4. // HandleError(err)
  5. }
  6. referers := []string{"http://www.aliyun.com",
  7. "http://www.???.aliyuncs.com",
  8. "http://www.*.com"}
  9. err = client.SetBucketReferer("my-bucket", referers, false)
  10. if err != nil {
  11. // HandleError(err)
  12. }

View a referer whitelist

You can use Bucket.GetBucketReferer to obtain a referer whitelist:

  1. import "fmt"
  2. import "github.com/aliyun/aliyun-oss-go-sdk/oss"
  3. client, err := oss.New("Endpoint", "AccessKeyId", "AccessKeySecret")
  4. if err != nil {
  5. // HandleError(err)
  6. }
  7. refRes, err := client.GetBucketReferer("my-bucket")
  8. if err != nil {
  9. // HandleError(err)
  10. }
  11. fmt.Println("Referers:", refRes.RefererList,
  12. "AllowEmptyReferer:", refRes.AllowEmptyReferer)

Clear a referer whitelist

Clearing a referer whitelist is to make the whitelist null by setting allowEmptyReferer to true:

  1. import "github.com/aliyun/aliyun-oss-go-sdk/oss"
  2. client, err := oss.New("Endpoint", "AccessKeyId", "AccessKeySecret")
  3. if err != nil {
  4. // HandleError(err)
  5. }
  6. err = client.SetBucketReferer("my-bucket", []string{}, true)
  7. if err != nil {
  8. // HandleError(err)
  9. }
Thank you! We've received your feedback.