- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Bucket Management
- Bucket Overview
- Creating a Bucket
- Deleting a Bucket
- Querying Buckets
- Emptying a Bucket
- Setting Access Permission
- Setting Bucket Encryption
- Setting Hotlink Protection
- Setting Origin-Pull
- Setting CORS
- Setting Versioning
- Setting Up a Static Website
- Setting Lifecycle
- Setting Logging
- Accessing Bucket List Using Sub-Account
- Adding a Bucket Policy
- Setting Log Analysis
- Setting INTELLIGENT TIERING
- Setting Inventory
- Domain Name Management
- Setting Bucket Tags
- Setting Cross-Bucket Replication
- Enabling Global Acceleration
- Object Management
- Uploading Objects
- Downloading Objects
- Copying Objects
- Viewing Object Information
- Searching for Objects
- Sorting and Filtering Objects
- Direct Upload to ARCHIVE
- Modifying Storage Classes
- Deleting Incomplete Multipart Uploads
- Setting Object Access Permission
- Setting Object Encryption
- Custom Headers
- Deleting Objects
- Restoring Archived Objects
- Folder Management
- Data Extraction
- Setting Object Tags
- Exporting Object URLs
- Restoring a Historical Object Version
- Batch Operation
- Monitoring Reports
- Data Processing
- Data Processing Workflow
- Application Integration
- User Tools
- Tool Overview
- Installation and Configuration of Environment
- COSBrowser
- COSCLI (Beta)
- COSCLI Overview
- Download and Installation Configuration
- Common Options
- Common Commands
- Generating and Modifying Configuration Files - config
- Creating a Bucket - mb
- Deleting a Bucket - rb
- Tagging Bucket - bucket-tagging
- Querying Bucket/Object List - ls
- Obtaining Statistics on Different Types of Objects - du
- Uploading/Downloading/Copying Objects - cp
- Syncing Upload/Download/Copy - sync
- Deleting Objects - rm
- Getting File Hash Value - hash
- Listing Incomplete Multipart Uploads - lsparts
- Clearing Incomplete Multipart Uploads - abort
- Restoring Archived Objects - restore
- Getting Pre-signed URL - signurl
- FAQs
- COSCMD
- COS Migration
- FTP Server
- COSFS
- Hadoop
- COSDistCp
- Hadoop-cos-DistChecker
- HDFS TO COS
- Diagnostic Tool
- GooseFS
- Overview
- Update Log
- Getting Started
- Key Features
- Deployment Guide
- OPS Guide
- Data Security
- GooseFS on TKE Cloud Native Practices
- Quick Start
- Using GooseFS as Fluid Dataset Runtime
- Multi-Master Node Deployment
- Multiple-Master Affinity Scheduling
- Accelerating Data in COS
- Global Client Deployment
- Using Parameters for Encryption
- Manual Scaling
- Data Caching and Metadata Caching
- Data Affinity Scheduling
- Data Scheduling Based on Tolerations and Taints
- Data Preloading
- Deploying Multiple Datasets on the Same Cluster via Placement
- Best Practice
- Overview
- Access Control and Permission Management
- ACL Practices
- Cloud Access Management Practices
- Granting Sub-accounts Access to COS
- Cases of Permission Setting
- Working with COS API Authorization Policies
- Security Guidelines for Using Temporary Credentials for Direct Upload from Frontend to COS
- Generating and Using Temporary Keys
- Grant Sub-account Permissions to Pull Tag List
- Descriptions and Use Cases of Condition Keys
- Granting Sub-account Under One Root Account Permission to Manipulate Buckets Under Another Root Account
- Performance Optimization
- Data Migration
- Accessing COS Using the AWS S3 SDK
- Data Disaster Recovery and Backup
- Direct Data Upload
- Domain Name Management Practice
- Data Security
- Data Verification
- Big Data Practice
- Custom Processing
- Using COS in the Third-party Applications
- Using APIs to Zip Files
- Using APIs to Merge Files
- Developer Guide
- Creating Request
- Bucket
- Object
- Data Management
- Data Disaster Recovery
- Data Security
- Cloud Access Management
- Batch Operation
- Global Acceleration
- Data Processing
- Metadata Acceleration
- Data Workflow
- Monitoring and Alarms
- Troubleshooting
- API Documentation
- Introduction
- Common Request Headers
- Common Response Headers
- Error Codes
- Request Signature
- Operation List
- Service APIs
- Bucket APIs
- Basic Operations
- Access Control List (acl)
- Cross-Origin Resource Sharing (cors)
- Lifecycle
- Bucket Policy (policy)
- Hotlink Protection (referer)
- Tag (tagging)
- Static Website (website)
- Intelligent Tiering
- Bucket inventory(inventory)
- Versioning
- Cross-Bucket Replication(replication)
- Log Management(logging)
- Global Acceleration (Accelerate)
- Bucket Encryption (encryption)
- Custom Domain Name (Domain)
- Object APIs
- Batch Operation APIs
- Data Processing APIs
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotation
- Converting Format
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Grayscale Image
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Limiting Output Image Size
- Pipeline Operators
- Image Advanced Compression
- Persistent Image Processing
- Image Compression
- Basic Image Processing
- Media Processing
- Image Processing
- Data Workflow APIs
- SDK Documentation
- SDK Overview
- Preparations
- Android SDK
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Generating Pre-Signed URLs
- Configuring Preflight Requests for Cross-origin Access
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Getting Started
- Quick Experience
- Bucket Operations
- Remote Disaster Recovery
- Data Management
- Cloud Access Management
- Data Verification
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Object Operations
- C SDK
- C++ SDK
- .NET(C#) SDK
- Getting Started
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Restoring Archived Objects
- Querying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Configuring Preflight Requests for Cross-Origin Access
- Server-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Cross-Region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Backward Compatibility
- Go SDK
- iOS SDK
- Getting Started
- Quick Experience
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Listing Objects
- Copying and Moving Objects
- Extracting Object Content
- Checking Whether an Object Exists
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Server-Side Encryption
- Object Access URL
- Generating Pre-Signed URL
- Configuring CORS Preflight Requests
- Cross-region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Java SDK
- Getting Started
- FAQs
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Restoring Archived Objects
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Data Management
- Cross-Region Disaster Recovery
- Cloud Access Management
- Image Processing
- Media Processing
- Troubleshooting
- Setting Access Domain Names (CDN/Global Acceleration)
- JavaScript SDK
- Node.js SDK
- PHP SDK
- Python SDK
- Getting Started
- Bucket Operations
- Bucket Management
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Restoring Archived Objects
- Extracting Object Content
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Data Management
- Cloud Access Management
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Image Processing
- Mini Program SDK
- Error Codes
- FAQs
- COS Service Level Agreement
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Bucket Management
- Bucket Overview
- Creating a Bucket
- Deleting a Bucket
- Querying Buckets
- Emptying a Bucket
- Setting Access Permission
- Setting Bucket Encryption
- Setting Hotlink Protection
- Setting Origin-Pull
- Setting CORS
- Setting Versioning
- Setting Up a Static Website
- Setting Lifecycle
- Setting Logging
- Accessing Bucket List Using Sub-Account
- Adding a Bucket Policy
- Setting Log Analysis
- Setting INTELLIGENT TIERING
- Setting Inventory
- Domain Name Management
- Setting Bucket Tags
- Setting Cross-Bucket Replication
- Enabling Global Acceleration
- Object Management
- Uploading Objects
- Downloading Objects
- Copying Objects
- Viewing Object Information
- Searching for Objects
- Sorting and Filtering Objects
- Direct Upload to ARCHIVE
- Modifying Storage Classes
- Deleting Incomplete Multipart Uploads
- Setting Object Access Permission
- Setting Object Encryption
- Custom Headers
- Deleting Objects
- Restoring Archived Objects
- Folder Management
- Data Extraction
- Setting Object Tags
- Exporting Object URLs
- Restoring a Historical Object Version
- Batch Operation
- Monitoring Reports
- Data Processing
- Data Processing Workflow
- Application Integration
- User Tools
- Tool Overview
- Installation and Configuration of Environment
- COSBrowser
- COSCLI (Beta)
- COSCLI Overview
- Download and Installation Configuration
- Common Options
- Common Commands
- Generating and Modifying Configuration Files - config
- Creating a Bucket - mb
- Deleting a Bucket - rb
- Tagging Bucket - bucket-tagging
- Querying Bucket/Object List - ls
- Obtaining Statistics on Different Types of Objects - du
- Uploading/Downloading/Copying Objects - cp
- Syncing Upload/Download/Copy - sync
- Deleting Objects - rm
- Getting File Hash Value - hash
- Listing Incomplete Multipart Uploads - lsparts
- Clearing Incomplete Multipart Uploads - abort
- Restoring Archived Objects - restore
- Getting Pre-signed URL - signurl
- FAQs
- COSCMD
- COS Migration
- FTP Server
- COSFS
- Hadoop
- COSDistCp
- Hadoop-cos-DistChecker
- HDFS TO COS
- Diagnostic Tool
- GooseFS
- Overview
- Update Log
- Getting Started
- Key Features
- Deployment Guide
- OPS Guide
- Data Security
- GooseFS on TKE Cloud Native Practices
- Quick Start
- Using GooseFS as Fluid Dataset Runtime
- Multi-Master Node Deployment
- Multiple-Master Affinity Scheduling
- Accelerating Data in COS
- Global Client Deployment
- Using Parameters for Encryption
- Manual Scaling
- Data Caching and Metadata Caching
- Data Affinity Scheduling
- Data Scheduling Based on Tolerations and Taints
- Data Preloading
- Deploying Multiple Datasets on the Same Cluster via Placement
- Best Practice
- Overview
- Access Control and Permission Management
- ACL Practices
- Cloud Access Management Practices
- Granting Sub-accounts Access to COS
- Cases of Permission Setting
- Working with COS API Authorization Policies
- Security Guidelines for Using Temporary Credentials for Direct Upload from Frontend to COS
- Generating and Using Temporary Keys
- Grant Sub-account Permissions to Pull Tag List
- Descriptions and Use Cases of Condition Keys
- Granting Sub-account Under One Root Account Permission to Manipulate Buckets Under Another Root Account
- Performance Optimization
- Data Migration
- Accessing COS Using the AWS S3 SDK
- Data Disaster Recovery and Backup
- Direct Data Upload
- Domain Name Management Practice
- Data Security
- Data Verification
- Big Data Practice
- Custom Processing
- Using COS in the Third-party Applications
- Using APIs to Zip Files
- Using APIs to Merge Files
- Developer Guide
- Creating Request
- Bucket
- Object
- Data Management
- Data Disaster Recovery
- Data Security
- Cloud Access Management
- Batch Operation
- Global Acceleration
- Data Processing
- Metadata Acceleration
- Data Workflow
- Monitoring and Alarms
- Troubleshooting
- API Documentation
- Introduction
- Common Request Headers
- Common Response Headers
- Error Codes
- Request Signature
- Operation List
- Service APIs
- Bucket APIs
- Basic Operations
- Access Control List (acl)
- Cross-Origin Resource Sharing (cors)
- Lifecycle
- Bucket Policy (policy)
- Hotlink Protection (referer)
- Tag (tagging)
- Static Website (website)
- Intelligent Tiering
- Bucket inventory(inventory)
- Versioning
- Cross-Bucket Replication(replication)
- Log Management(logging)
- Global Acceleration (Accelerate)
- Bucket Encryption (encryption)
- Custom Domain Name (Domain)
- Object APIs
- Batch Operation APIs
- Data Processing APIs
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotation
- Converting Format
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Grayscale Image
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Limiting Output Image Size
- Pipeline Operators
- Image Advanced Compression
- Persistent Image Processing
- Image Compression
- Basic Image Processing
- Media Processing
- Image Processing
- Data Workflow APIs
- SDK Documentation
- SDK Overview
- Preparations
- Android SDK
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Generating Pre-Signed URLs
- Configuring Preflight Requests for Cross-origin Access
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Getting Started
- Quick Experience
- Bucket Operations
- Remote Disaster Recovery
- Data Management
- Cloud Access Management
- Data Verification
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Object Operations
- C SDK
- C++ SDK
- .NET(C#) SDK
- Getting Started
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Restoring Archived Objects
- Querying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Configuring Preflight Requests for Cross-Origin Access
- Server-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Cross-Region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Backward Compatibility
- Go SDK
- iOS SDK
- Getting Started
- Quick Experience
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Listing Objects
- Copying and Moving Objects
- Extracting Object Content
- Checking Whether an Object Exists
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Server-Side Encryption
- Object Access URL
- Generating Pre-Signed URL
- Configuring CORS Preflight Requests
- Cross-region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Java SDK
- Getting Started
- FAQs
- Bucket Operations
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Restoring Archived Objects
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Extracting Object Content
- Data Management
- Cross-Region Disaster Recovery
- Cloud Access Management
- Image Processing
- Media Processing
- Troubleshooting
- Setting Access Domain Names (CDN/Global Acceleration)
- JavaScript SDK
- Node.js SDK
- PHP SDK
- Python SDK
- Getting Started
- Bucket Operations
- Bucket Management
- Object Operations
- Uploading Objects
- Downloading Objects
- Copying and Moving Objects
- Listing Objects
- Deleting Objects
- Checking Whether Objects Exist
- Querying Object Metadata
- Modifying Object Metadata
- Object Access URL
- Getting Pre-Signed URLs
- Restoring Archived Objects
- Extracting Object Content
- Server-Side Encryption
- Client-Side Encryption
- Single-URL Speed Limits
- Data Management
- Cloud Access Management
- Setting Access Domain Names (CDN/Global Acceleration)
- Troubleshooting
- Image Processing
- Mini Program SDK
- Error Codes
- FAQs
- COS Service Level Agreement
- Glossary
Overview
The Go SDK provides APIs for getting pre-signed request URLs. This document provides samples for detailed directions.
Note:
- We recommend you use a temporary key to generate a pre-signed URL for the security of your requests such as uploads and downloads. When you apply for a temporary key, follow the principle of least privilege to avoid leaking resources besides your buckets and objects.
- If you need to use a permanent key to generate a pre-signed URL, you are advised to limit the permission of the permanent key to uploads and downloads only to avoid risks.
Getting Pre-signed Request URL
func (s *ObjectService) GetPresignedURL(ctx context.Context, httpMethod, name, ak, sk string, expired time.Duration, opt interface{}, signHost ...bool) (*url.URL, error)
Parameter description
type PresignedURLOptions struct {
Query *url.Values
Header *http.Header
}
| Parameter | Type | Description |
|---|---|---|
| httpMethod | string | HTTP request method |
| name | string | HTTP request path, i.e., object key |
| ak | string | SecretId |
| sk | string | SecretKey |
| expired | time.Duration | Validity period of the signature |
| opt | interface{} | Extension. We recommend you enter parameters of the *PresignedURLOptions type or nil. |
| PresignedURLOptions | struct | Request parameters and headers to include in the signature |
| Query | struct | Request parameters to include in the signature |
| Header | struct | Request headers to include in the signature |
| signHost | bool | Whether to include the host header in the signature. The default value is true. You can also choose not to include the host header in the signature, but the request may fail or vulnerabilities may occur. This parameter is optional. |
Generating Pre-Signed URL with Permanent Key
Sample requests for upload
package main
import (
"context"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
"strings"
"time"
)
func main() {
// Bucket name in the format of `bucketname-appid` (`appid` is required), which can be viewed in the COS console at https://console.intl.cloud.tencent.com/cos5/bucket.
// Replace it with your `region`, which can be viewed in the COS console at https://console.intl.cloud.tencent.com/. For more information on regions, visit https://intl.cloud.tencent.com/document/product/436/6224.
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
client := cos.NewClient(b, &http.Client{
Transport: &cos.AuthorizationTransport{
// Get the key from environment variables.
// Environment variable `SECRETID` refers to the user's `SecretId`, which can be viewed in the CAM console at https://console.intl.cloud.tencent.com/cam/capi.
SecretID: os.Getenv("SECRETID"),
// Environment variable `SECRETKEY` refers to the user's `SecretKey`, which can be viewed in the CAM console at https://console.intl.cloud.tencent.com/cam/capi.
SecretKey: os.Getenv("SECRETKEY"),
},
})
ak := "SECRETID"
sk := "SECRETKEY"
name := "exampleobject"
ctx := context.Background()
f := strings.NewReader("test")
// 1. Upload the object in the standard method.
_, err := client.Object.Put(ctx, name, f, nil)
if err != nil {
panic(err)
}
// Get the pre-signed URL.
presignedURL, err := client.Object.GetPresignedURL(ctx, http.MethodPut, name, ak, sk, time.Hour, nil)
if err != nil {
panic(err)
}
// 2. Upload the object through a pre-signed URL.
data := "test upload with presignedURL"
f = strings.NewReader(data)
req, err := http.NewRequest(http.MethodPut, presignedURL.String(), f)
if err != nil {
panic(err)
}
// You can configure request headers by yourself.
req.Header.Set("Content-Type", "text/html")
_, err = http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
}
Sample requests for download
package main
import (
"bytes"
"context"
"errors"
"github.com/tencentyun/cos-go-sdk-v5"
"io/ioutil"
"net/http"
"net/url"
"os"
"time"
)
func main() {
// Bucket name in the format of `bucketname-appid` (`appid` is required), which can be viewed in the COS console at https://console.intl.cloud.tencent.com/cos5/bucket.
// Replace it with your `region`, which can be viewed in the COS console at https://console.intl.cloud.tencent.com/. For more information on regions, visit https://intl.cloud.tencent.com/document/product/436/6224.
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
client := cos.NewClient(b, &http.Client{
Transport: &cos.AuthorizationTransport{
// Get the key from environment variables.
// Environment variable `SECRETID` refers to the user's `SecretId`, which can be viewed in the CAM console at https://console.intl.cloud.tencent.com/cam/capi.
SecretID: os.Getenv("SECRETID"),
// Environment variable `SECRETKEY` refers to the user's `SecretKey`, which can be viewed in the CAM console at https://console.intl.cloud.tencent.com/cam/capi.
SecretKey: os.Getenv("SECRETKEY"),
},
})
ak := "SECRETID"
sk := "SECRETKEY"
name := "exampleobject"
ctx := context.Background()
// 1. Download the object in the standard method.
resp, err := client.Object.Get(ctx, name, nil)
if err != nil {
panic(err)
}
bs, _ := ioutil.ReadAll(resp.Body)
resp.Body.Close()
// Get the pre-signed URL.
presignedURL, err := client.Object.GetPresignedURL(ctx, http.MethodGet, name, ak, sk, time.Hour, nil)
if err != nil {
panic(err)
}
// 2. Download the object through a pre-signed URL
resp2, err := http.Get(presignedURL.String())
if err != nil {
panic(err)
}
bs2, _ := ioutil.ReadAll(resp2.Body)
resp2.Body.Close()
if bytes.Compare(bs2, bs) != 0 {
panic(errors.New("content is not consistent"))
}
}
Generating Pre-Signed URL with Temporary Key
Sample requests for upload
package main
import (
"context"
"fmt"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
"time"
"strings"
)
// You can use tags to put the request parameters or request headers in the signature.
type URLToken struct {
SessionToken string `url:"x-cos-security-token,omitempty" header:"-"`
}
func main() {
// Replace it with your temporary key.
tak := os.Getenv("SECRETID")
tsk := os.Getenv("SECRETKEY")
token := &URLToken{
SessionToken: "<token>",
}
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
c := cos.NewClient(b, &http.Client{})
name := "exampleobject"
ctx := context.Background()
// Method 1. Use `PresignedURLOptions` to configure `x-cos-security-token`.
// You can add request parameters and request headers through `PresignedURLOptions`.
opt := &cos.PresignedURLOptions{
Query: &url.Values{},
Header: &http.Header{},
}
opt.Query.Add("x-cos-security-token", "<token>")
// Get the pre-signed URL.
presignedURL, err := c.Object.GetPresignedURL(ctx, http.MethodPut, name, tak, tsk, time.Hour, opt)
if err != nil {
fmt.Printf("Error: %v\n", err)
return
}
// Upload the object through a pre-signed URL.
data := "test upload with presignedURL"
f := strings.NewReader(data)
req, err := http.NewRequest(http.MethodPut, presignedURL.String(), f)
if err != nil {
fmt.Printf("Error: %v\n", err)
}
_, err = http.DefaultClient.Do(req)
if err != nil {
fmt.Printf("Error: %v\n", err)
}
// Method 2. Use tags to configure `x-cos-security-token`.
// Get the pre-signed URL.
presignedURL, err = c.Object.GetPresignedURL(ctx, http.MethodPut, name, tak, tsk, time.Hour, token)
if err != nil {
fmt.Printf("Error: %v\n", err)
return
}
f = strings.NewReader(data)
req, err = http.NewRequest(http.MethodPut, presignedURL.String(), f)
if err != nil {
fmt.Printf("Error: %v\n", err)
}
_, err = http.DefaultClient.Do(req)
if err != nil {
fmt.Printf("Error: %v\n", err)
}
}
Sample requests for download
package main
import (
"context"
"fmt"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
"time"
)
// You can use tags to put the request parameters or request headers in the signature.
type URLToken struct {
SessionToken string `url:"x-cos-security-token,omitempty" header:"-"`
}
func main() {
// Replace it with your temporary key.
tak := os.Getenv("SECRETID")
tsk := os.Getenv("SECRETKEY")
token := &URLToken{
SessionToken: "<token>",
}
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
c := cos.NewClient(b, &http.Client{})
name := "exampleobject"
ctx := context.Background()
// Method 1. Use `PresignedURLOptions` to configure `x-cos-security-token`.
// You can add request parameters and request headers through `PresignedURLOptions`.
opt := &cos.PresignedURLOptions{
Query: &url.Values{},
Header: &http.Header{},
}
opt.Query.Add("x-cos-security-token", "<token>")
// Get the pre-signed URL.
presignedURL, err := c.Object.GetPresignedURL(ctx, http.MethodGet, name, tak, tsk, time.Hour, opt)
if err != nil {
fmt.Printf("Error: %v\n", err)
return
}
// Access the object through the pre-signed URL.
resp, err := http.Get(presignedURL.String())
if err != nil {
fmt.Printf("Error: %v\n", err)
}
defer resp.Body.Close()
fmt.Println(presignedURL.String())
fmt.Printf("resp:%v\n", resp)
// Method 2. Use tags to configure `x-cos-security-token`.
// Get the pre-signed URL.
presignedURL, err = c.Object.GetPresignedURL(ctx, http.MethodGet, name, tak, tsk, time.Hour, token)
if err != nil {
fmt.Printf("Error: %v\n", err)
return
}
// Access the object through the pre-signed URL.
resp, err = http.Get(presignedURL.String())
if err != nil {
fmt.Printf("Error: %v\n", err)
}
defer resp.Body.Close()
fmt.Println(presignedURL.String())
fmt.Printf("resp:%v\n", resp)
}
Sample of Generating Pre-Signed URL for Custom Domain Name
package main
import (
"context"
"fmt"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
"time"
)
func main() {
// Replace it with your key.
tak := os.Getenv("SECRETID")
tsk := os.Getenv("SECRETKEY")
// Change it to the custom domain.
u, _ := url.Parse("https://<custom domain name>")
b := &cos.BaseURL{BucketURL: u}
c := cos.NewClient(b, &http.Client{})
name := "exampleobject"
ctx := context.Background()
// Get the pre-signed URL.
presignedURL, err := c.Object.GetPresignedURL(ctx, http.MethodGet, name, tak, tsk, time.Hour, nil)
if err != nil {
fmt.Printf("Error: %v\n", err)
return
}
// Access the object through the pre-signed URL.
resp, err := http.Get(presignedURL.String())
if err != nil {
fmt.Printf("Error: %v\n", err)
}
defer resp.Body.Close()
fmt.Println(presignedURL.String())
fmt.Printf("resp:%v\n", resp)
}
Adding Request Parameter or Header
package main
import (
"context"
"fmt"
"github.com/tencentyun/cos-go-sdk-v5"
"net/http"
"net/url"
"os"
"time"
)
func main() {
// Replace it with your temporary key.
tak := os.Getenv("SECRETID")
tsk := os.Getenv("SECRETKEY")
u, _ := url.Parse("https://examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
c := cos.NewClient(b, &http.Client{})
name := "exampleobject"
ctx := context.Background()
// You can add request parameters and request headers through `PresignedURLOptions`.
opt := &cos.PresignedURLOptions{
// HTTP request parameters, which should be the same as those passed to the actual request. This can prevent users from tampering with the HTTP request parameters.
Query: &url.Values{},
// HTTP request headers, which should be included in the actual request. This can prevent users from tampering with the HTTP request headers that are signed here.
Header: &http.Header{},
}
// Add request parameters. The returned pre-signed URL will include the added parameters.
opt.Query.Add("x-cos-security-token", "<token>")
// Add request headers. The returned pre-signed URL only sets the request headers to the signature. Therefore, you still need to set the headers when making requests.
opt.Header.Add("Content-Type", "text/html")
// The SDK includes the `host` header in the signature by default. If the `signHost` parameter is not passed in or `SignHost` is `true`, the `host` header is included in the signature.
// If `signHost` is `false`, the `host` header is not included in the signature, which may lead to request failure or security vulnerabilities.
var signHost bool = true
// Get the pre-signed URL with the signature containing `host`.
presignedURL, err := c.Object.GetPresignedURL(ctx, http.MethodPut, name, tak, tsk, time.Hour, opt, signHost)
if err != nil {
fmt.Printf("Error: %v\n", err)
return
}
// Access the object through the pre-signed URL.
req, _ := http.NewRequest(http.MethodPut, presignedURL.String(), strings.NewReader("test"))
// Set headers when making requests.
req.Header.Set("Content-Type", "text/html")
resp, err := http.DefaultClient.Do(req)
if err != nil {
fmt.Printf("Error: %v\n", err)
}
defer resp.Body.Close()
fmt.Println(presignedURL.String())
fmt.Printf("resp:%v\n", resp)
}
Yes
No
Was this page helpful?