All Products
Search

This Product

    Object Storage Service:Hotlink protection (Android SDK)

    Document Center

    Object Storage Service:Hotlink protection (Android SDK)

    Last Updated:Nov 29, 2025

    You can use the Android software development kit (SDK) to configure Referer-based access rules for your Object Storage Service (OSS) buckets. These rules include a Referer whitelist, a Referer blacklist, and an option to allow requests with an empty Referer. This feature prevents hotlinking of your OSS files and helps you avoid unnecessary traffic fees.

    Usage notes

    • Before you configure hotlink protection, make sure that you familiarize yourself with this feature. For more information, see Hotlink protection.

    • In this topic, the public endpoint of the China (Hangzhou) region is used. To access OSS from other Alibaba Cloud services in the same region, use an internal endpoint. For details about supported regions and endpoints, see Regions and endpoints.

    • In this topic, an OSSClient instance is created by using an OSS endpoint. If you want to create an OSSClient instance by using custom domain names or Security Token Service (STS), see Initialization.

    • To set or clear hotlink protection, you must have the oss:PutBucketReferer permission. To retrieve the hotlink protection configuration, you must have the oss:GetBucketReferer permission. For more information, see Attach a custom policy to a RAM user.

    Set hotlink protection

    The following sample code provides an example on how to configure hotlink protection for a bucket:

    PutBucketRefererRequest request = new PutBucketRefererRequest();
request.setBucketName("examplebucket");
// Add a Referer whitelist. The Referer parameter supports the asterisk (*) and question mark (?) wildcard characters.
ArrayList<String> referers = new ArrayList<String>();
referers.add("http://www.aliyun.com");
referers.add("https://www.aliyun.com");
// referers.add("http://www.www.alibabacloud.com/help");
// referers.add("http://www.?.aliyuncs.com");
request.setReferers(referers);

OSSAsyncTask task = oss.asyncPutBucketReferer(request, new OSSCompletedCallback<PutBucketRefererRequest, PutBucketRefererResult>() {
    @Override
    public void onSuccess(PutBucketRefererRequest request, PutBucketRefererResult result) {
        OSSLog.logInfo("code: " + result.getStatusCode());
    }
    @Override
    public void onFailure(PutBucketRefererRequest request, ClientException clientException, ServiceException serviceException) {
        OSSLog.logError("error: "+serviceException.getRawMessage());
    }
});
task.waitUntilFinished();

    Get the hotlink protection configuration

    The following sample code provides an example on how to query the hotlink configurations of a bucket:

    GetBucketRefererRequest request = new GetBucketRefererRequest();
request.setBucketName("yourBucketName");
OSSAsyncTask task = oss.asyncGetBucketReferer(request, new OSSCompletedCallback<GetBucketRefererRequest, GetBucketRefererResult>() {
    @Override
    public void onSuccess(GetBucketRefererRequest request, GetBucketRefererResult result) {
        // Get the Referer whitelist of the bucket.
        ArrayList<String> list = result.getReferers();
        for (String ref : list){
            OSSLog.logInfo("info: " + ref);
        }
    }
    @Override
    public void onFailure(GetBucketRefererRequest request, ClientException clientException, ServiceException serviceException) {
        OSSLog.logError("error: "+serviceException.getRawMessage());
    }
});
task.waitUntilFinished();

    Clear the hotlink protection configuration

    The following sample code provides an example on how to delete the hotlink protection configurations of a bucket:

    PutBucketRefererRequest request = new PutBucketRefererRequest();
request.setBucketName("yourBucketName");
request.setAllowEmpty(true);
// Hotlink protection configurations cannot be directly cleared. You must create a new rule that allows empty Referers to overwrite the previous rule.
ArrayList<String> referers = new ArrayList<String>();

request.setReferers(referers);
OSSAsyncTask task = oss.asyncPutBucketReferer(request, new OSSCompletedCallback<PutBucketRefererRequest, PutBucketRefererResult>() {
    @Override
    public void onSuccess(PutBucketRefererRequest request, PutBucketRefererResult result) {
        OSSLog.logInfo("code: " + result.getStatusCode());

    }
    @Override
    public void onFailure(PutBucketRefererRequest request, ClientException clientException, ServiceException serviceException) {
        OSSLog.logError("error: "+serviceException.getRawMessage());

    }
});
task.waitUntilFinished();

    References

    • For the complete sample code for hotlink protection, see GitHub.

    • For more information about the API operation to configure hotlink protection, see PutBucketReferer.

    • For more information about the API operation to retrieve the hotlink protection configuration, see GetBucketReferer.