最新情報とお知らせ

製品アップデート情報

製品のお知らせ

製品概要

機能概要

応用シナリオ

製品の優位性

基本概念

リージョンとアクセスドメイン名

仕様と制限

製品の課金

課金概要

課金方式

課金項目

無料利用枠

記帳例

請求書の確認とダウンロード

お支払い遅れについて

よくある質問

クイックスタート

コンソールクイックスタート

COSBrowserクイックスタート

ユーザーガイド

リクエストの作成

バケット

オブジェクト

データ管理

バッチ処理

グローバルアクセラレーション

監視とアラーム

運用管理センター

データ処理

インテリジェントツールボックス使用ガイド

データワークフロー

アプリ統合

ツールガイド

ツール概要

環境のインストールと設定

COSBrowserツール

COSCLIツール

COSCMDツール

COS Migrationツール

FTP Serverツール

Hadoopツール

COSDistCpツール

HDFS TO COSツール

オンラインツール (Onrain Tsūru)

セルフ診断ツール

実践チュートリアル

概要

アクセス制御と権限管理

パフォーマンスの最適化

AWS S3 SDKを使用したCOSアクセス

データディザスタリカバリバックアップ

ドメイン名管理の実践

画像処理の実践

COSオーディオビデオプレーヤーの実践

データセキュリティ

データ検証

COSコスト最適化ソリューション

サードパーティアプリケーションでのCOSの使用

移行ガイド

サードパーティクラウドストレージのデータをCOSへ移行

データレークストレージ

クラウドネイティブデータレイク

メタデータアクセラレーション

データアクセラレーター GooseFS

データ処理

データ処理概要

画像処理

メディア処理

コンテンツ審査

ファイル処理

ドキュメントプレビュー

トラブルシューティング

RequestId取得の操作ガイド

パブリックネットワーク経由でのCOSへのファイルアップロード速度の遅さ

COSへのアクセス時に403エラーコードが返される

リソースアクセス異常

POST Objectの一般的な異常

セキュリティとコンプライアンス

データ災害復帰

データセキュリティ

クラウドアクセスマネジメント

よくある質問

よくあるご質問

一般的な問題

従量課金に関するご質問

ドメインコンプライアンスに関するご質問

バケット設定に関する質問

ドメイン名とCDNに関するご質問

ファイル操作に関するご質問

権限管理に関するご質問

データ処理に関するご質問

データセキュリティに関するご質問

署名付きURLに関するご質問

SDKクラスに関するご質問

ツール類に関するご質問

APIクラスに関するご質問

Agreements

Service Level Agreement

プライバシーポリシー

データ処理とセキュリティ契約

連絡先

用語集

Generating Pre-Signed URLs

フォーカスモード

フォントサイズ

最終更新日: 2024-02-04 14:25:57

Overview
The COS SDK for PHP provides an API for getting pre-signed request URLs. Below are some examples.
Note: 
You are advised to use a temporary key to generate a pre-signed URL for the security of your requests such as uploads and downloads. When you apply for a temporary key, follow the Principle of Least Privilege to avoid leaking resources besides your buckets and objects.
If you need to use a permanent key to generate a pre-signed URL, you are advised to limit the permission of the permanent key to uploads and downloads only to avoid risks.
Get the object URL and download the object parameters. You can concatenate the response-content-disposition=attachment parameter to the end of the obtained URL.
Generating Pre-Signed URL with Permanent Key
Upload request samples
Sample 1. Generate a pre-signed URL with a permanent key for simple upload
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$secretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$secretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$region = "ap-beijing"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol header, which is http by default
        'signHost' => true, // The `host` header is signed by default. You can also set `signHost` to `false` to choose not to sign the `host` header, but the request may fail or vulnerabilities may occur.
        'credentials'=> array(
            'secretId'  => $secretId ,
            'secretKey' => $secretKey)));
### Get pre-signed URL for simple upload
try {
    $signedUrl = $cosClient->getPreSignedUrl('putObject', array(
        'Bucket' => "examplebucket-1250000000", // Bucket in the format of BucketName-APPID
        'Key' => "exampleobject", // Location of the object in the bucket, i.e., the object key
        'Body' => 'string', // It can be empty or any string.
        'Params'=> array(), // HTTP request parameters, which should be the same as those passed to the actual request. This can prevent users from tampering with the HTTP request parameters. The parameter is left empty by default.
        'Headers'=> array(), // HTTP request headers, which should be included in the actual request. This can prevent users from tampering with the HTTP request headers that are signed here. By default, `host` is included in the signature.
    ), '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo ($signedUrl);
} catch (\\Exception $e) {
    // Request failed
    echo($e);
}
﻿
﻿
Sample 2. Generate a pre-signed URL with a permanent key for multipart upload
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$secretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$secretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$region = "ap-beijing"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol header, which is http by default
        'signHost' => true, // The `host` header is signed by default. You can also set `signHost` to `false` to choose not to sign the `host` header, but the request may fail or vulnerabilities may occur.
        'credentials'=> array(
            'secretId'  => $secretId ,
            'secretKey' => $secretKey)));
﻿
### Get pre-signed URL for multipart upload
try {
    $signedUrl = $cosClient->getPreSignedUrl('uploadPart', array(
        'Bucket' => "examplebucket-1250000000", // Bucket in the format of BucketName-APPID
        'Key' => "exampleobject", // Location of the object in the bucket, i.e., the object key
        'UploadId' => 'string', // Upload ID
        'PartNumber' => '1', // Part number
        'Body' => 'string',
        'Params'=> array(), // HTTP request parameters, which should be the same as those passed to the actual request. This can prevent users from tampering with the HTTP request parameters. The parameter is left empty by default.
        'Headers'=> array(), // HTTP request headers, which should be included in the actual request. This can prevent users from tampering with the HTTP request headers that are signed here. By default, `host` is included in the signature.
    ), '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo ($signedUrl);
} catch (\\Exception $e) {
    // Request failed
    echo($e);
}
Download request samples
Sample 1. Generate a pre-signed URL with a permanent key for simple download
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$secretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$secretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$region = "ap-beijing"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol header, which is http by default
        'signHost' => true, // The `host` header is signed by default. You can also set `signHost` to `false` to choose not to sign the `host` header, but the request may fail or vulnerabilities may occur.
        'credentials'=> array(
            'secretId'  => $secretId ,
            'secretKey' => $secretKey)));
﻿
### Get pre-signed URL for simple download
try {
    $signedUrl = $cosClient->getPreSignedUrl('getObject', array(
        'Bucket' => "examplebucket-1250000000", // Bucket in the format of BucketName-APPID
        'Key' => "exampleobject", // Location of the object in the bucket, i.e., the object key
        'Params'=> array(), // HTTP request parameters, which should be the same as those passed to the actual request. This can prevent users from tampering with the HTTP request parameters. The parameter is left empty by default.
        'Headers'=> array(), // HTTP request headers, which should be included in the actual request. This can prevent users from tampering with the HTTP request headers that are signed here. By default, `host` is included in the signature.
        ), '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo ($signedUrl);
} catch (\\Exception $e) {
    // Request failed
    echo($e);
}
Sample 2. Get the download signature with the encapsulated getObjectUrl to generate a pre-signed URL with a permanent key
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$secretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$secretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$region = "ap-beijing"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol header, which is http by default
        'signHost' => true, // The `host` header is signed by default. You can also set `signHost` to `false` to choose not to sign the `host` header, but the request may fail or vulnerabilities may occur.
        'credentials'=> array(
            'secretId'  => $secretId ,
            'secretKey' => $secretKey)));
﻿
### Get the download signature with the encapsulated getObjectUrl
try {    
    $bucket = "examplebucket-1250000000"; // Bucket in the format of BucketName-APPID
    $key = "exampleobject"; // Location of the object in the bucket, i.e., the object key
    $signedUrl = $cosClient->getObjectUrl($bucket, $key, '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo $signedUrl;
} catch (\\Exception $e) {
    // Request failed
    print_r($e);
}
Generating Pre-signed URL with Temporary Key
Upload request samples
Sample 1. Generate a pre-signed URL with a temporary key for simple upload
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$tmpSecretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpSecretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpToken = "COS_TOKEN"; //Token is required for temporary keys. For more information about how to generate and use a temporary key, visit https://www.tencentcloud.com/document/product/436/14048?from_cn_redirect=1
$region = "COS_REGION"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol, which is `http` by default
        'signHost' => true, // The `host` header is signed by default. You can also set `signHost` to `false` to choose not to sign the `host` header, but the request may fail or vulnerabilities may occur.
        'credentials'=> array(
            'secretId'  => $tmpSecretId,
            'secretKey' => $tmpSecretKey,
            'token' => $tmpToken)));
﻿
### Get pre-signed URL for simple upload
try {
    $signedUrl = $cosClient->getPreSignedUrl('putObject', array(
        'Bucket' => "examplebucket-1250000000", // Bucket in the format of BucketName-APPID
        'Key' => "exampleobject", // Location of the object in the bucket, i.e., the object key
        'Body' => 'string',
        'Params'=> array(), // HTTP request parameters, which should be the same as those passed to the actual request. This can prevent users from tampering with the HTTP request parameters. The parameter is left empty by default.
        'Headers'=> array(), // HTTP request headers, which should be included in the actual request. This can prevent users from tampering with the HTTP request headers that are signed here. By default, `host` is included in the signature.
        ), '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo ($signedUrl);
} catch (\\Exception $e) {
    // Request failed
    echo($e);
}
Sample 2. Generate a pre-signed URL with a temporary key for multipart upload
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$tmpSecretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpSecretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpToken = "COS_TOKEN"; //Token is required for temporary keys. For more information about how to generate and use a temporary key, visit https://www.tencentcloud.com/document/product/436/14048?from_cn_redirect=1
$region = "COS_REGION"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol, which is `http` by default
        'signHost' => true, // The `host` header is signed by default. You can also set `signHost` to `false` to choose not to sign the `host` header, but the request may fail or vulnerabilities may occur.
        'credentials'=> array(
            'secretId'  => $tmpSecretId,
            'secretKey' => $tmpSecretKey,
            'token' => $tmpToken)));
﻿
### Get pre-signed URL for multipart upload
try {
    $signedUrl = $cosClient->getPreSignedUrl('uploadPart', array(
        'Bucket' => "examplebucket-1250000000", // Bucket in the format of BucketName-APPID
        'Key' => "exampleobject", // Location of the object in the bucket, i.e., the object key
        'UploadId' => '', // Upload ID
        'PartNumber' => '1', // Part number
        'Body' => '',
        'Params'=> array(), // HTTP request parameters, which should be the same as those passed to the actual request. This can prevent users from tampering with the HTTP request parameters. The parameter is left empty by default.
        'Headers'=> array(), // HTTP request headers, which should be included in the actual request. This can prevent users from tampering with the HTTP request headers that are signed here. By default, `host` is included in the signature.
        ), '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo ($signedUrl);
} catch (\\Exception $e) {
    // Request failed
    echo($e);
}
Download request samples
Sample 1. Generate a pre-signed URL with a temporary key for simple download
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$tmpSecretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpSecretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpToken = "COS_TOKEN"; //Token is required for temporary keys. For more information about how to generate and use a temporary key, visit https://www.tencentcloud.com/document/product/436/14048?from_cn_redirect=1
$region = "COS_REGION"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol, which is `http` by default
        'signHost' => true, // The `host` header is signed by default. You can also set `signHost` to `false` to choose not to sign the `host` header, but the request may fail or vulnerabilities may occur.
        'credentials'=> array(
            'secretId'  => $tmpSecretId,
            'secretKey' => $tmpSecretKey,
            'token' => $tmpToken)));
﻿
### Get pre-signed URL for simple download
try {
    $signedUrl = $cosClient->getPreSignedUrl('getObject', array(
        'Bucket' => "examplebucket-1250000000", // Bucket in the format of BucketName-APPID
        'Key' => "exampleobject", // Location of the object in the bucket, i.e., the object key
        'Params'=> array(), // HTTP request parameters, which should be the same as those passed to the actual request. This can prevent users from tampering with the HTTP request parameters. The parameter is left empty by default.
        'Headers'=> array(), // HTTP request headers, which should be included in the actual request. This can prevent users from tampering with the HTTP request headers that are signed here. By default, `host` is included in the signature.
    ), '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo ($signedUrl);
} catch (\\Exception $e) {
    // Request failed
    echo($e);
}
Sample 2. Get the download signature with the encapsulated getObjectUrl to generate a pre-signed URL with a temporary key
<?php
﻿
require dirname(__FILE__) . '/../vendor/autoload.php';
﻿
$tmpSecretId = "SECRETID"; //Replace it with the actual SecretId, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpSecretKey = "SECRETKEY"; //Replace it with the actual SecretKey, which can be viewed and managed at https://console.tencentcloud.com/cam/capi
$tmpToken = "COS_TOKEN"; //Token is required for temporary keys. For more information about how to generate and use a temporary key, visit https://www.tencentcloud.com/document/product/436/14048?from_cn_redirect=1
$region = "COS_REGION"; //Replace it with the actual region, which can be viewed in the console at https://console.tencentcloud.com/cos5/bucket
$cosClient = new Qcloud\\Cos\\Client(
    array(
        'region' => $region,
        'schema' => 'https', // Protocol, which is `http` by default
        'credentials'=> array(
            'secretId'  => $tmpSecretId,
            'secretKey' => $tmpSecretKey,
            'token' => $tmpToken)));
﻿
### Get the download signature with the encapsulated getObjectUrl
try {    
    $bucket = "examplebucket-1250000000"; // Bucket in the format of BucketName-APPID
    $key = "exampleobject"; // Location of the object in the bucket, i.e., the object key
    $signedUrl = $cosClient->getObjectUrl($bucket, $key, '+10 minutes'); // Validity period of the signature
    // Request succeeded
    echo $signedUrl;
} catch (\\Exception $e) {
    // Request failed
    print_r($e);
}

ヘルプとサポート

この記事はお役に立ちましたか？

営業担当者にお問い合わせいただくかチケットを提出してサポートを求めることができます。

フィードバック

tencent cloud

Cloud Object Storage

Generating Pre-Signed URLs

Overview

Generating Pre-Signed URL with Permanent Key

Upload request samples

Sample 1. Generate a pre-signed URL with a permanent key for simple upload

Sample 2. Generate a pre-signed URL with a permanent key for multipart upload

Download request samples

Sample 1. Generate a pre-signed URL with a permanent key for simple download

Sample 2. Get the download signature with the encapsulated getObjectUrl to generate a pre-signed URL with a permanent key

Generating Pre-signed URL with Temporary Key

Upload request samples

Sample 1. Generate a pre-signed URL with a temporary key for simple upload

Sample 2. Generate a pre-signed URL with a temporary key for multipart upload

Download request samples

Sample 1. Generate a pre-signed URL with a temporary key for simple download

Sample 2. Get the download signature with the encapsulated getObjectUrl to generate a pre-signed URL with a temporary key

ヘルプとサポート