Skip to content

Instantly share code, notes, and snippets.

@mhulse

mhulse/Amazon S3 snippets and Transmit FTP cloud settings.md

Last active February 21, 2021 18:36
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mhulse/3663801 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mhulse/3663801 to your computer and use it in GitHub Desktop.
Download ZIP
Amazon S3 snippets... Transmit FTP cloud settings... Other related goodies...
Raw
Amazon S3 snippets and Transmit FTP cloud settings.md

S3 Website "Index Document"

index.html:

<html>
<head>
<title>403 Forbidden</title>
</head>
<body>
<p>Directory access is forbidden.</p>
</body>
</html>

S3 Website "Error Document"

4xx.html:

<html>
<head>
<title>Forbidden</title>
</head>
<body>
<p>Directory access is forbidden.</p>
</body>
</html>

S3 CORS Configuration

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>http://*.foo1.com</AllowedOrigin>
        <AllowedOrigin>http://*.foo2.com</AllowedOrigin>
        <AllowedOrigin>http://11.111.111.111</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>2592000</MaxAgeSeconds>
        <ExposeHeader>Content-Length</ExposeHeader>
        <ExposeHeader>Date</ExposeHeader>
        <ExposeHeader>ETag</ExposeHeader>
        <ExposeHeader>Connection</ExposeHeader>
        <AllowedHeader>Date</AllowedHeader>
        <AllowedHeader>Authorization</AllowedHeader>
        <AllowedHeader>Content-Type</AllowedHeader>
        <AllowedHeader>Content-Length</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

Transmit "Custom Amazon S3 Upload Headers"

Default:

  1. Cache-Control: max-age=86400 (1 day)

css:

  1. Content-Type: text/css
  2. Cache-Control: max-age=2592000 (30 days)

otf:

  1. Content-Type: font/opentype
  2. Cache-Control: max-age=31536000 (1 year)

woff:

  1. Content-Type: font/woff
  2. Cache-Control: max-age=31536000

ttf:

  1. Content-Type: font/truetype
  2. Cache-Control: max-age=31536000

svg:

  1. Content-Type: image/svg+xml
  2. Cache-Control: max-age=31536000

eot:

  1. Content-Type: application/vnd.ms-fontobject
  2. Cache-Control: max-age=31536000

html:

  1. Content-Type: text/html
  2. Cache-Control: max-age=86400
@mhulse
Copy link
Author

mhulse commented Oct 5, 2012

Some good info here:

@font-face gotchas

@mhulse
Copy link
Author

mhulse commented Oct 8, 2012

Should the woff content-type be application/x-font-woff????

@mhulse
Copy link
Author

mhulse commented Jan 14, 2013

Update: I've posted some related info here:

Setting up Google Cloud Storage with CORS for Web Fonts.md

@mhulse
Copy link
Author

mhulse commented Dec 16, 2013

The HTML5 boilerplate has a good list of mime types:

https://github.com/h5bp/html5-boilerplate/blob/master/.htaccess

See the mod_mime.c section.

@mhulse
Copy link
Author

mhulse commented Dec 21, 2013

Note, I was having issues with Firefox and loading a webfont via S3 on a GitHub-hosted custom domain.

This was the CORS that ended up working for me:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>http://*.mky.io</AllowedOrigin>
        <AllowedOrigin>http://mky.io</AllowedOrigin>
        <AllowedOrigin>http://*.local</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>2592000</MaxAgeSeconds>
        <ExposeHeader>Content-Length</ExposeHeader>
        <ExposeHeader>Date</ExposeHeader>
        <ExposeHeader>ETag</ExposeHeader>
        <ExposeHeader>Connection</ExposeHeader>
        <AllowedHeader>Date</AllowedHeader>
        <AllowedHeader>Authorization</AllowedHeader>
        <AllowedHeader>Content-Type</AllowedHeader>
        <AllowedHeader>Content-Length</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

Note that I had to specify both http://*.mky.io AND http://mky.io! For some reason I thought the former would account for both.

Also note that http://*.local is for a locally spoofed development setup.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment