This topic describes how to use hotlink protection.

To prevent your data on OSS from being leeched, OSS supports hotlink protection through the referer field settings in the HTTP header, including the following parameters:
  • Referer whitelist: Used to allow access only for specified domains to OSS data.
  • Empty referer: Determines whether the referer can be empty. If it is not allowed, only requests with the referer filed in their HTTP or HTTPS headers can access OSS data.

For more information about hotlink protection, see Hotlink protection.

Configure a Referer whitelist for a bucket

The following code provides an example on how to configure a Referer whitelist for a bucket by configuring the Bucket#referer= field:

require 'aliyun/oss'

client = Aliyun::OSS::Client.new(
  endpoint: 'endpoint',
  access_key_id: 'AccessKeyId', access_key_secret: 'AccessKeySecret')

bucket = client.get_bucket('my-bucket')
bucket.referer = BucketReferer.new(
  allow_empty: true, whitelist: ['example.com', '*.example.com'])
            

Query the Referer whitelist of a bucket

The following code provides an example on how to query the Referer whitelist of a bucket by configuring the Bucket#referer= field:

require 'aliyun/oss'
client = Aliyun::OSS::Client.new(
  endpoint: 'endpoint',
  access_key_id: 'AccessKeyId', access_key_secret: 'AccessKeySecret')

bucket = client.get_bucket('my-bucket')
ref = bucket.referer
puts ref.to_s
            

Clear the Referer whitelist of a bucket

The following code provides an example on how to clear the Referer whitelist of a bucket by configuring the Bucket#referer= field:

require 'aliyun/oss'

client = Aliyun::OSS::Client.new(
  endpoint: 'endpoint',
  access_key_id: 'AccessKeyId', access_key_secret: 'AccessKeySecret')

bucket = client.get_bucket('my-bucket')
bucket.referer = BucketReferer.new(allow_empty: true, whitelist: [])