Image Upload Direct to S3: 403 Access denied - heroku

I am following this guide to enable Image Upload in my Rails 4 app:
https://devcenter.heroku.com/articles/direct-to-s3-image-uploads-in-rails
However, I keep getting a 403 Forbidden, whenever I try to upload a picture. Googleing that issue suggested that it is because of the CORS not set correctly, but I put it in just as described in the guide.
Any suggestions what could help, please?
Error
POST https://meinblog-development.s3.amazonaws.com/ 403 (Forbidden)
CORS Permissions
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>http://localhost:3000</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
.env file
S3_BUCKET=meinblog-development
AWS_ACCESS_KEY_ID=XXX
AWS_SECRET_ACCESS_KEY=XXX
AWS_REGION="us-east-1"


Try setting the acl to bucket-owner-full-control, instead of public-read.

Related

OBIEE Webservice for SOA

I am trying to get the web services for SOA to work. I am doing what oracle says, but i am still getting error 500 with the following error:
WatchData: MESSAGE = [ServletContext#1374343816[app:biwssoa module:biservices path:null spec-version:3.1 version:12.1.3]] Root cause of ServletException.
javax.servlet.ServletException: Failed to contact BI Presentation Server due to: Could not access the session service.
at oracle.bi.ws.activeobjects.inspection.BiWsilServlet.doInspectionAction(BiWsilServlet.java:183)
at oracle.bi.ws.activeobjects.inspection.BiWsilServlet.doGet(BiWsilServlet.java:137)
I added wsil.browsing credential and used the weblogic login in the enterprise manager. Didnt work.
Then i tried adding wss_username_token_policy.xml to
/app/oracle/fmw12213/user_projects/domains/bi/config/fmwconfig/biinstances/coreapplication/
with the following content:
<?xml version="1.0" encoding="UTF-8"?>
<oracle-webservice-clients>
<webservice-client>
<port-info>
<policy-references>
<policy-reference uri="oracle/log_policy" category="management"/>
<policy-reference uri="oracle/wss_username_token_client_policy" category="security"/>
</policy-references>
</port-info>
</webservice-client>
</oracle-webservice-clients>
And editing my ActionFrameworkConfig.xml in
/app/oracle/fmw12213/user_projects/domains/bi/config/fmwconfig/biconfig/actions/
from this:
<?xml version="1.0" encoding="UTF-8"?>
<obi-action-config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="afconfig.xsd">
<aliases/>
<registries/>
<content-types>
<content-type>
<typename>webservices</typename>
<displayname>Web Services and BPEL Processes</displayname>
<actionType>WebServiceActionType</actionType>
</content-type>
<content-type>
<typename>misc</typename>
<displayname>Mixed Services</displayname>
<actionType>URLActionType</actionType>
</content-type>
</content-types>
<accounts/>
<policies/>
</obi-action-config>
to this:
<?xml version="1.0" encoding="UTF-8"?>
<obi-action-config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="afconfig.xsd">
<aliases/>
<registries>
<registry>
<id>reg1b</id>
<name>BI EE Web Services for SOA</name>
<content-type>webservices</content-type>
<provider-class>oracle.bi.action.registry.wsil.WSILRegistry</provider-class>
<description/>
<location>
<path>http://localhost:7033/biservices/inspection?wsil</path>
</location>
<service-access>
<account>wsil.browsing</account>
<policy>wss_username_token_policy</policy>
<propagateIdentity>false</propagateIdentity>
</service-access>
</registry>
<regestries>
<content-types>
<content-type>
<typename>webservices</typename>
<displayname>Web Services and BPEL Processes</displayname>
<actionType>WebServiceActionType</actionType>
</content-type>
<content-type>
<typename>misc</typename>
<displayname>Mixed Services</displayname>
<actionType>URLActionType</actionType>
</content-type>
</content-types>
<accounts>
<account>
<name>wsil.browsing</name>
<description>Account for BI WS for SOA</description>
<adminonly>false</adminonly>
<credentialkey>weblogic</credentialkey>
</account>
</accounts>
<policies>
<policy>
<name>wss_username_token_policy</name>
<policyfile>wss_username_token_policy.xml</policyfile>
</policy>
</policies>
</obi-action-config>
Then i restarted bi server using domain_home/bitools/bin/stop.sh and start.sh. But its not working :(

Make sure that you have your biservicesconfig.xml in
/app/oracle/fmw12213/user_projects/domains/bi/config/fmwconfig/biinstances/coreapplication/
points to the same host:port as the file in ActionFrameworkConfig.xml. Also has the ending /analytics-ws/saw.dll
For me, that looked like this:
<server>http://localhost:7033/analytics-ws/saw.dll</server>

CORS error when loading Fonts in production Rails/Vue app on Heroku and Amazon S3

I have a rails/VueJS app that is not loading my S3 svg files and fonts via font-awesome. I have uploaded all files to my relative bucket folders in S3. Any files uploaded via my app display correctly - however these static files and fonts are not working. The CORS error is as follows:
error #1 (for fonts):
Access to font at 'https://s3.amazonaws.com/myappname/fonts/fontname-regular.woff' from origin 'https://nyappname.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
error #2 (for svg images):
GET https://s3.amazonaws.com/myappname/avatar-group.svg 404 (Not Found)
I assumed these are both caused by the same CORS setup issue, but I'm not sure. I'm calling these files as follows in various places in my CSS files:
Custom.css
.avatar:after
{
position: absolute;
width: 0;
height: 0;
content: '';
background-image: url(https://s3.amazonaws.com/myappname/avatar-status.svg), url(https://s3.amazonaws.com/myappname/avatar-group.svg), url(https://s3.amazonaws.com/myappname/avatar-group-hover.svg), url(https://s3.amazonaws.com/myappname/avatar-group-hover-last.svg);
}
What should my CORS configuration in Amazon S3 be and should this configuration be setup on the root bucket only? I've tried a hundred things to no avail, so any help would awesome...thx,
UPDATE:
Current CORS configuration in S3 bucket:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>http://myappname.com</AllowedOrigin>
<AllowedOrigin>https://myappname.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

I think CORSRule only allow 1 AllowedOrigin per tag. You can change to
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>http://myappname.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
<CORSRule>
<AllowedOrigin>https://myappname.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

After hours of trying different things, I realized it was a damn typo (one letter). If it helps anyone having similar issues, I made progress by digging into the chrome console errors and clicking on the actual links/file names which showed me the error in the browser that my s3 "Bucket name does not exist". This helped pinpoint the issue.

Ajax request returns 404 from S3 Signed URL

So, I generated a signed URL in PHP and I want to serve that file to d3js but the ajax request always returns 404.
Sample signed URL format: https://bucket_name_here.s3.amazonaws.com/55rq526afa-efd0-43ba-234b-74ccbb1c4d26.csv?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=DAFAGHDAGGAHHH/20181016/us-east-1/s3/aws4_request&X-Amz-Date=20181016T214022Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Signature=signature_here
D3js
d3.csv(signed_url_above, function(error, data){
...
});
I can download the file via the browser, but not via the Ajax request. I already enabled CORS request with
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>HEAD</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
Updated: actual error from the request
<Code>NoSuchKey</Code>
<Message>The specified key does not exist.</Message>
Does anyone have any idea why this doesn't work?

How can I configure Amazon S3 CORS so that Firefox will load remotely hosted webfonts?

I've been trying to set up Amazon S3 as a webfont file host in order to use webfonts on Tumblr.
The CORS configuration suggested by Amazon works fine for everything except Firefox, which is exactly the same situation prior to Amazon enabling this new CORS feature in S3.
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>http://fonttester.tumblr.com/</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
</CORSConfiguration>
Is there a different configuration I should be using?

You have to add the below
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>

CleverElements / Sendcockpit SOAP API parameters aren't recognized

I'm trying to use the CleverElements SOAP API, but I can't get it to work. I have honestly never worked with SOAP (but a lot with XML-RPC, REST, etc.), and thought it should be straightforward.
I'm using Ruby with the savon gem. I can call any function via SOAP which doesn't need any parameters, but on functions with parameters, the SOAP service doesn't recognize the parameters.
This is my request:
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wsdl="Sendcockpit/API" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ins0="Sendcockpit/API">
<env:Header>
<validate>
<userid>32027</userid>
<apikey>**************</apikey>
<version>1.0</version>
<mode>live</mode>
</validate>
</env:Header>
<env:Body>
<apiGetListDetails>
<listID>72472</listID>
</apiGetListDetails>
</env:Body>
</env:Envelope>
This is the WSDL file: http://api.sendcockpit.com/server.php?wsdl
Am I missing something (maybe dead simple, super obvious, basic SOAP) stuff?

Never mind. Apparently I need a wrapping <ctListRequest> node. I was under the impression that savon applies all things specified by the wsdl file...
This request works:
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wsdl="Sendcockpit/API" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ins0="Sendcockpit/API">
<env:Header>
<validate>
<userid>32027</userid>
<apikey>***********</apikey>
<version>1.0</version>
<mode>live</mode>
</validate>
</env:Header>
<env:Body>
<apiGetListDetails>
<ctListRequest>
<listID>72472</listID>
</ctListRequest>
</apiGetListDetails>
</env:Body>
</env:Envelope>

Resources