How to use S3 signed URLs with CloudFront

15 November 2018, Tamás Sallai
S3 signed URLs provide fine control over who can access private resources. It is flexible regarding both the permission side and also on the ease of automation.

How CloudFront signed URLs work

06 November 2018, Tamás Sallai
CloudFront signed URLs provide a mechanism to control access to the content served through a distribution. Unlike the Origin Access Identity, it restricts access to which users can see the content.

How S3 Signed URLs work

30 October 2018, Tamás Sallai
Let’s say you have an object in an S3 bucket which is set to be private (i.e. no anonymous access). Then you want to share it with people who have no AWS accounts, for example, subscribed visitors to your website. This can be a video course that only paying users can access, or an EBook that requires subscription.

How to handle mixed content with CSP

23 October 2018, Tamás Sallai
Mixed content happens when some resource on a page is loaded via HTTP, while the site itself uses HTTPS. It’s a problem because that means there are files requested on an unencrypted channel, which breaks the consistency guarantees of HTTPS.

Editors' Favourites

S3 signed URLs provide fine control over who can access private resources. It is flexible regarding both the permission side and also on the ease of automation.
Why some projects are clean, easy-to-read, and performant, while others a convoluted mess? Why, when making a modification, in some codebases everything falls into place immediately, while in others it’s more like walking on a minefield?
As WebPack 2 barrels forward, Tree Shaking — or more technically, the removal of unused exports using static analysis — is finding its way to the mainstream. Developers are putting their hopes high, as it promises to solve the pressing problem of bloated packages. Usually, only a fraction of code is actually needed from each dependency but their entire codebase is bundled, increasing the size.
There’s a lot of buzz about JVM optimizations and how it makes production code perform better thanks to the Just-In-Time (JIT) compilation and various optimization techniques. A lots of excellent research materials are available, but I wanted to see for myself how these apply in practice, so I decided to dig deeper and play around with some measurements.

Interesting article?

Get hand-crafted emails on new content!