Configure Referer-based access rules—Referer whitelist, Referer blacklist, and empty Referer handling—using the Go SDK to block unauthorized Referers and prevent hotlinking.
Usage notes
-
Before you configure hotlink protection, make sure that you familiarize yourself with this feature. For more information, see Hotlink protection.
-
In this topic, the public endpoint of the China (Hangzhou) region is used. If you want to access OSS from other Alibaba Cloud services in the same region as OSS, use an internal endpoint. For more information about OSS regions and endpoints, see Regions and Endpoints.
-
In this topic, access credentials are obtained from environment variables. For more information about how to configure access credentials, see Configure access credentials.
-
This topic demonstrates creating an OSSClient instance with an OSS endpoint. For alternative configurations, such as using a custom domain or authenticating with credentials from Security Token Service (STS), see Configure a client (Go SDK V1).
-
To configure hotlink protection, you must have the
oss:PutBucketRefererpermission. To query hotlink protection configurations, you must have theoss:GetBucketRefererpermission. For more information, see Grant a custom policy.
Sample code
References
-
Complete hotlink protection sample code: GitHub.
-
API for configuring hotlink protection: SetBucketRefererV2.
-
API for querying hotlink protection: GetBucketReferer.