Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add path-style S3 links #5821

Closed
cyberduck opened this issue Mar 22, 2011 · 3 comments
Closed

Add path-style S3 links #5821

cyberduck opened this issue Mar 22, 2011 · 3 comments
Assignees
Labels
Milestone

Comments

@cyberduck
Copy link
Collaborator

Ippolito Mike created the issue

When formatting url's for S3 buckets using

https://bucket name.s3.amazonaws.com/folder name/object name fails browser certificate check

but
https://s3.amazonaws.com/bucket name/folder name/object name

passess - can you offer a preference to choose between them?

The advantage of the first style apart from it looking more personalised, is that Flash and Silverlight players can access files such as crossdomain.xml (and web robots can access robots.txt) in their expected locations, which is the top level of the hostname. I don't think this is the desired use of the url

The advantage to the 2nd is you can directly click on the URL, therefore is more applicable to sending links to others.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

The server certificate of s3.amazonaws.com is a wildcard certificate that should be valid for bucket names prepended. Also, browsers usually even accept the certificate for hostnames with multiple third levels such as my.domain.s3.amazonaws.com.

Documentation in SSL certificate trust verification.

@cyberduck
Copy link
Collaborator Author

6d6ba69 commented

As noted in #3813's citation of RFC 2818, wildcard certificates only work for the top level of the wildcard. I.e. *.s3.amazonaws.com is valid for foo.s3.amazonaws.com, but not for *.foo.s3.amazonaws.com.

For this reason, the AWS web console generates URLs such as this one for a bucket in us-west-2:

https://s3-us-west-2.amazonaws.com/BUCKET_NAME/KEY_NAME.

I thus suggest that this issue be re-opened. Correcting the URL to what AWS provides in their own UI seems like the right thing to do. Thanks for all the hard work!

@cyberduck
Copy link
Collaborator Author

@dkocher commented

We already provide HTTP and HTTPS links with both virtual host and path style variants.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

2 participants