最新情報とお知らせ

製品アップデート情報

製品のお知らせ

製品概要

機能概要

応用シナリオ

製品の優位性

基本概念

リージョンとアクセスドメイン名

仕様と制限

製品の課金

課金概要

課金方式

課金項目

無料利用枠

記帳例

請求書の確認とダウンロード

お支払い遅れについて

よくある質問

クイックスタート

コンソールクイックスタート

COSBrowserクイックスタート

ユーザーガイド

リクエストの作成

バケット

オブジェクト

データ管理

バッチ処理

グローバルアクセラレーション

監視とアラーム

運用管理センター

データ処理

インテリジェントツールボックス使用ガイド

データワークフロー

アプリ統合

ツールガイド

ツール概要

環境のインストールと設定

COSBrowserツール

COSCLIツール

COSCMDツール

COS Migrationツール

FTP Serverツール

Hadoopツール

COSDistCpツール

HDFS TO COSツール

オンラインツール (Onrain Tsūru)

セルフ診断ツール

実践チュートリアル

概要

アクセス制御と権限管理

パフォーマンスの最適化

AWS S3 SDKを使用したCOSアクセス

データディザスタリカバリバックアップ

ドメイン名管理の実践

画像処理の実践

COSオーディオビデオプレーヤーの実践

データセキュリティ

データ検証

COSコスト最適化ソリューション

サードパーティアプリケーションでのCOSの使用

移行ガイド

サードパーティクラウドストレージのデータをCOSへ移行

データレークストレージ

クラウドネイティブデータレイク

メタデータアクセラレーション

データアクセラレーター GooseFS

データ処理

データ処理概要

画像処理

メディア処理

コンテンツ審査

ファイル処理

ドキュメントプレビュー

トラブルシューティング

RequestId取得の操作ガイド

パブリックネットワーク経由でのCOSへのファイルアップロード速度の遅さ

COSへのアクセス時に403エラーコードが返される

リソースアクセス異常

POST Objectの一般的な異常

セキュリティとコンプライアンス

データ災害復帰

データセキュリティ

クラウドアクセスマネジメント

よくある質問

よくあるご質問

一般的な問題

従量課金に関するご質問

ドメインコンプライアンスに関するご質問

バケット設定に関する質問

ドメイン名とCDNに関するご質問

ファイル操作に関するご質問

権限管理に関するご質問

データ処理に関するご質問

データセキュリティに関するご質問

署名付きURLに関するご質問

SDKクラスに関するご質問

ツール類に関するご質問

APIクラスに関するご質問

Agreements

Service Level Agreement

プライバシーポリシー

データ処理とセキュリティ契約

連絡先

用語集

Getting Pre-Signed URLs

フォーカスモード

フォントサイズ

最終更新日: 2024-02-01 18:01:21

Overview
The C SDK provides APIs to obtain pre-signed URLs. For detailed directions, see the description and examples below.
Note: 
You are advised to use a temporary key to generate a pre-signed URL for the security of your requests such as uploads and downloads. When you apply for a temporary key, follow the Principle of Least Privilege to avoid leaking resources besides your buckets and objects.
If you need to use a permanent key to generate a pre-signed URL, you are advised to limit the permission of the permanent key to uploads and downloads only to avoid risks.
Getting a Pre-signed Request URL
Generating pre-signed URL
Description
This API is used to generate a pre-signed URL.
Method prototype
int cos_gen_presigned_url(const cos_request_options_t *options,
                          const cos_string_t *bucket, 
                          const cos_string_t *object,
                          const int64_t expire,
                          http_method_e method,
                          cos_string_t *presigned_url);
Parameter description
Parameter
Description
Type
options
COS request options
Struct
bucket
Bucket name in the format of BucketName-APPID
String
object
Object name
String
expire
Validity time of the signature, in seconds
Int
method
HTTP request method. Enumerated values: HTTP_GET, HTTP_HEAD, HTTP_PUT, HTTP_POST, HTTP_DELETE
Enum
presigned_url
The generated pre-signed URL
String
Response description
Response
Description
Type
code
Error code
Int
Pre-signed request samples
You can obtain a pre-signed URL by setting a permanent or temporary key using the options parameter.
#include "cos_http_io.h"
#include "cos_api.h"
#include "cos_log.h"
﻿
// `endpoint` is the COS access domain name. For more information, see https://www.tencentcloud.com/document/product/436/6224.
static char TEST_COS_ENDPOINT[] = "cos.ap-guangzhou.myqcloud.com";
// A developer-owned secret ID/key used for the project. It can be obtained at https://console.tencentcloud.com/cam/capi.
static char *TEST_ACCESS_KEY_ID;                // Your SecretId
static char *TEST_ACCESS_KEY_SECRET;            // Your SecretKey
// A unique user-level resource identifier for COS access. It can be obtained at https://console.tencentcloud.com/cam/capi.
static char TEST_APPID[] = "<APPID>";    // Your APPID
// COS bucket name, in the format of [bucket]-[appid], for example `mybucket-1253666666`. It can be obtained at https://console.tencentcloud.com/cos5/bucket.
static char TEST_BUCKET_NAME[] = "<bucketname-appid>";
// A unique identifier of an object stored in COS. For more information about objects and object keys, please see https://www.tencentcloud.com/document/product/436/13324.
static char TEST_OBJECT_NAME1[] = "1.txt";
﻿
void init_test_config(cos_config_t *config, int is_cname)
{
    cos_str_set(&config->endpoint, TEST_COS_ENDPOINT);
    cos_str_set(&config->access_key_id, TEST_ACCESS_KEY_ID);
    cos_str_set(&config->access_key_secret, TEST_ACCESS_KEY_SECRET);
    cos_str_set(&config->appid, TEST_APPID);
    config->is_cname = is_cname;
}
﻿
void init_test_request_options(cos_request_options_t *options, int is_cname)
{
    options->config = cos_config_create(options->pool);
    init_test_config(options->config, is_cname);
    options->ctl = cos_http_controller_create(options->pool, 0);
}
﻿
void test_presigned_url()
{
    cos_pool_t *p = NULL;
    int is_cname = 0;
    cos_request_options_t *options = NULL;
    cos_string_t bucket;
    cos_string_t object;
    cos_string_t presigned_url;
﻿
    cos_pool_create(&p, NULL);
    options = cos_request_options_create(p);
    init_test_request_options(options, is_cname);
    cos_str_set(&bucket, TEST_BUCKET_NAME);
    cos_str_set(&object, TEST_OBJECT_NAME1);
﻿
    cos_gen_presigned_url(options, &bucket, &object, 300, HTTP_GET, &presigned_url);
    printf("presigned_url: %s\\n", presigned_url.data);
﻿
    cos_pool_destroy(p);
﻿
}
﻿
int main(int argc, char *argv[])
{
    // Get SecretId and SecretKey from environment variables
    TEST_ACCESS_KEY_ID     = getenv("COS_SECRETID");
    TEST_ACCESS_KEY_SECRET = getenv("COS_SECRETKEY");
﻿
    if (cos_http_io_initialize(NULL, 0) != COSE_OK) {
       exit(1);
    }
﻿
    // Set the log level. Default value: `COS_LOG_WARN`
    cos_log_set_level(COS_LOG_WARN);
﻿
    // Set log output. Default value: `stderr`
    cos_log_set_output(NULL);
﻿
    test_presigned_url();
﻿
    cos_http_io_deinitialize();
﻿
    return 0;
}
Securely Getting a Pre-signed Request URL
Securely generating a pre-signed URL
Description
This API is used to securely generate a pre-signed URL.
Method prototype
int cos_gen_presigned_url_safe(const cos_request_options_t *options,
                          const cos_string_t *bucket, 
                          const cos_string_t *object,
                          const int64_t expire,
                          http_method_e method,
                          cos_table_t *headers,
                          cos_table_t *params,
                          int sign_host,
                          cos_string_t *presigned_url);
Parameter description
Parameter
Description
Type
options
COS request options
Struct
bucket
Bucket name in the format of BucketName-APPID
String
object
Object name
String
expire
Validity time of the signature, in seconds
Int
method
HTTP request method. Enumerated values: HTTP_GET, HTTP_HEAD, HTTP_PUT, HTTP_POST, HTTP_DELETE
Enum
headers
Additional headers of a COS request
Struct
params
Parameters for the COS request
Struct
sign_host
Whether to sign the signature to the host header. You are strongly advised to enable it for security’s sake.
Int
presigned_url
The generated pre-signed URL
String
Response description
Response
Description
Type
code
Error code
Int
Sample request 1. Generate a pre-signed URL with host in the signature
You can obtain a pre-signed URL by setting a permanent or temporary key using the options parameter.
#include "cos_http_io.h"
#include "cos_api.h"
#include "cos_log.h"
﻿
// `endpoint` is the COS access domain name. For more information, see https://www.tencentcloud.com/document/product/436/6224.
static char TEST_COS_ENDPOINT[] = "cos.ap-guangzhou.myqcloud.com";
// A developer-owned secret ID/key used for the project. It can be obtained at https://console.tencentcloud.com/cam/capi.
static char *TEST_ACCESS_KEY_ID;                // Your SecretId
static char *TEST_ACCESS_KEY_SECRET;            // Your SecretKey
// A unique user-level resource identifier for COS access. It can be obtained at https://console.tencentcloud.com/cam/capi.
static char TEST_APPID[] = "<APPID>";    // Your APPID
// COS bucket name, in the format of [bucket]-[appid], for example `mybucket-1253666666`. It can be obtained at https://console.tencentcloud.com/cos5/bucket.
static char TEST_BUCKET_NAME[] = "<bucketname-appid>";
// A unique identifier of an object stored in COS. For more information about objects and object keys, please see https://www.tencentcloud.com/document/product/436/13324.
static char TEST_OBJECT_NAME1[] = "1.txt";
﻿
void init_test_config(cos_config_t *config, int is_cname)
{
    cos_str_set(&config->endpoint, TEST_COS_ENDPOINT);
    cos_str_set(&config->access_key_id, TEST_ACCESS_KEY_ID);
    cos_str_set(&config->access_key_secret, TEST_ACCESS_KEY_SECRET);
    cos_str_set(&config->appid, TEST_APPID);
    config->is_cname = is_cname;
}
﻿
void init_test_request_options(cos_request_options_t *options, int is_cname)
{
    options->config = cos_config_create(options->pool);
    init_test_config(options->config, is_cname);
    options->ctl = cos_http_controller_create(options->pool, 0);
}
﻿
void test_safe_presigned_url()
{
    cos_pool_t *p = NULL;
    int is_cname = 0;
    cos_request_options_t *options = NULL;
    cos_string_t bucket;
    cos_string_t object;
    cos_string_t presigned_url;
    cos_table_t *params = NULL;
    cos_table_t *headers = NULL;
    int sign_host = 1;
﻿
    cos_pool_create(&p, NULL);
    options = cos_request_options_create(p);
    init_test_request_options(options, is_cname);
    /* You can use a temporary key by setting `sts_token`. When you use a temporary key, you need to set `access_key_id` and `access_key_secret` to its SecretId and SecretKey */
    //cos_str_set(&options->config->sts_token, "MyTokenString");
    cos_str_set(&bucket, TEST_BUCKET_NAME);
    cos_str_set(&object, TEST_OBJECT_NAME1);
﻿
    // You are strongly advised to set `sign_host` to `1` to add the `host` header to the signature list by force to prevent unauthorized access.
    cos_gen_presigned_url_safe(options, &bucket, &object, 300, HTTP_GET, headers, params, sign_host, &presigned_url);
    printf("presigned_url_safe: %s\\n", presigned_url.data);
﻿
    cos_pool_destroy(p);
}
﻿
int main(int argc, char *argv[])
{
    // Get SecretId and SecretKey from environment variables
    TEST_ACCESS_KEY_ID     = getenv("COS_SECRETID");
    TEST_ACCESS_KEY_SECRET = getenv("COS_SECRETKEY");
﻿
    if (cos_http_io_initialize(NULL, 0) != COSE_OK) {
       exit(1);
    }
﻿
    // Set the log level. Default value: `COS_LOG_WARN`
    cos_log_set_level(COS_LOG_WARN);
﻿
    // Set log output. Default value: `stderr`
    cos_log_set_output(NULL);
﻿
    test_safe_presigned_url();
﻿
    cos_http_io_deinitialize();
﻿
    return 0;
}
Sample request 2. Generate the pre-signed URL with the signature containing request param and request header
You can obtain a pre-signed URL by setting a permanent or temporary key using the options parameter.
#include "cos_http_io.h"
#include "cos_api.h"
#include "cos_log.h"
﻿
// `endpoint` is the COS access domain name. For more information, see https://www.tencentcloud.com/document/product/436/6224.
static char TEST_COS_ENDPOINT[] = "cos.ap-guangzhou.myqcloud.com";
// A developer-owned secret ID/key used for the project. It can be obtained at https://console.tencentcloud.com/cam/capi.
static char *TEST_ACCESS_KEY_ID;                // Your SecretId
static char *TEST_ACCESS_KEY_SECRET;            // Your SecretKey
// A unique user-level resource identifier for COS access. It can be obtained at https://console.tencentcloud.com/cam/capi.
static char TEST_APPID[] = "<APPID>";    // Your APPID
// COS bucket name, in the format of [bucket]-[appid], for example `mybucket-1253666666`. It can be obtained at https://console.tencentcloud.com/cos5/bucket.
static char TEST_BUCKET_NAME[] = "<bucketname-appid>";
// A unique identifier of an object stored in COS. For more information about objects and object keys, please see https://www.tencentcloud.com/document/product/436/13324.
static char TEST_OBJECT_NAME1[] = "1.txt";
﻿
void init_test_config(cos_config_t *config, int is_cname)
{
    cos_str_set(&config->endpoint, TEST_COS_ENDPOINT);
    cos_str_set(&config->access_key_id, TEST_ACCESS_KEY_ID);
    cos_str_set(&config->access_key_secret, TEST_ACCESS_KEY_SECRET);
    cos_str_set(&config->appid, TEST_APPID);
    config->is_cname = is_cname;
}
﻿
void init_test_request_options(cos_request_options_t *options, int is_cname)
{
    options->config = cos_config_create(options->pool);
    init_test_config(options->config, is_cname);
    options->ctl = cos_http_controller_create(options->pool, 0);
}
﻿
void test_safe_presigned_url()
{
    cos_pool_t *p = NULL;
    int is_cname = 0;
    cos_request_options_t *options = NULL;
    cos_string_t bucket;
    cos_string_t object;
    cos_string_t presigned_url;
    cos_table_t *params = NULL;
    cos_table_t *headers = NULL;
    int sign_host = 1;
﻿
    cos_pool_create(&p, NULL);
    options = cos_request_options_create(p);
    init_test_request_options(options, is_cname);
    /* You can use a temporary key by setting `sts_token`. When you use a temporary key, you need to set `access_key_id` and `access_key_secret` to its SecretId and SecretKey */
    //cos_str_set(&options->config->sts_token, "MyTokenString");
    cos_str_set(&bucket, TEST_BUCKET_NAME);
    cos_str_set(&object, TEST_OBJECT_NAME1);
﻿
    // Add your `params` and `headers`
    params = cos_table_make(options->pool, 0);
    //cos_table_add(params, "param1", "value");
    headers = cos_table_make(options->pool, 0);
    //cos_table_add(headers, "header1", "value");
﻿
    // You are strongly advised to set `sign_host` to `1` to add the `host` header to the signature list by force to prevent unauthorized access.
    cos_gen_presigned_url_safe(options, &bucket, &object, 300, HTTP_GET, headers, params, sign_host, &presigned_url);
    printf("presigned_url_safe: %s\\n", presigned_url.data);
﻿
    cos_pool_destroy(p);
}
﻿
int main(int argc, char *argv[])
{
    // Get SecretId and SecretKey from environment variables
    TEST_ACCESS_KEY_ID     = getenv("COS_SECRETID");
    TEST_ACCESS_KEY_SECRET = getenv("COS_SECRETKEY");
﻿
    if (cos_http_io_initialize(NULL, 0) != COSE_OK) {
       exit(1);
    }
﻿
    // Set the log level. Default value: `COS_LOG_WARN`
    cos_log_set_level(COS_LOG_WARN);
﻿
    // Set log output. Default value: `stderr`
    cos_log_set_output(NULL);
﻿
    test_safe_presigned_url();
﻿
    cos_http_io_deinitialize();
﻿
    return 0;
}
﻿

ヘルプとサポート

この記事はお役に立ちましたか？

営業担当者にお問い合わせいただくかチケットを提出してサポートを求めることができます。

フィードバック

tencent cloud

Cloud Object Storage

Getting Pre-Signed URLs

Overview

Getting a Pre-signed Request URL

Generating pre-signed URL

Description

Method prototype

Parameter description

Response description

Pre-signed request samples

Securely Getting a Pre-signed Request URL

Securely generating a pre-signed URL

Description

Method prototype

Parameter description

Response description

Sample request 1. Generate a pre-signed URL with `host` in the signature

Sample request 2. Generate the pre-signed URL with the signature containing `request param` and `request header`

ヘルプとサポート

Parameter	Description	Type
options	COS request options	Struct
bucket	Bucket name in the format of `BucketName-APPID`	String
object	Object name	String
expire	Validity time of the signature, in seconds	Int
method	HTTP request method. Enumerated values: `HTTP_GET`, `HTTP_HEAD`, `HTTP_PUT`, `HTTP_POST`, `HTTP_DELETE`	Enum
presigned_url	The generated pre-signed URL	String