0

For example, my css code has this image file:

background: url('/static/studyspot5/images/shapes/footer_sass.png');

And it does not render on my AWS site I have the following relevant code in my settings.py:

if USE_S3:
STATICFILES_LOCATION = 'static'
MEDIAFILES_LOCATION = 'media'
MEDIA_URL = f'https://{CLOUDFRONT_DOMAIN}/{MEDIAFILES_LOCATION}/'
MEDIA_ROOT = f'https://{AWS_S3_CUSTOM_DOMAIN}/static/{MEDIAFILES_LOCATION}/'
STATIC_URL = 'https://%s/%s/' % (CLOUDFRONT_DOMAIN,STATICFILES_LOCATION)
STATIC_ROOT = 'https://%s/%s/static/' % (AWS_S3_CUSTOM_DOMAIN,STATICFILES_LOCATION)

STORAGES = {
    "default": {"BACKEND": 'custom_storages.MediaStorage'},
    "staticfiles": {"BACKEND": 'custom_storages.StaticStorage'},
    "OPTIONS": {
        "bucket_name": AWS_STORAGE_BUCKET_NAME,
        "region_name": AWS_S3_REGION_NAME,
        # "verify": AWS_S3_VERIFY,
        "signature_version": AWS_S3_SIGNATURE_VERSION,
        "cloudfront_key_id": AWS_CLOUDFRONT_KEY_ID,
        "cloudfront_key": AWS_CLOUDFRONT_KEY,
        "custom_domain": CLOUDFRONT_DOMAIN,
    },
}

The CSS file (and all other static content) is served as a signed URL just fine, e.g. using the following code:

<link rel="stylesheet" href="{% static 'studyspot5/css/style.css' %}">

But for those urls inside of CSS files, it will only pass the url of the file, without signing it (no parameters). Here is the resulting request headers. Note the referer URL is signed, but the darn background image from the CSS is not!

request headers css image url

Improve this question
2
  • Unfortunately CSS is static, it does not go through the Django template rendering process, hence you cannot generate signed URLS in this way, within the CSS url property Commented Oct 14, 2023 at 3:49
  • 403 is about permissions. Check if required permissions granted on static files folder. Commented Oct 15, 2023 at 17:15

2 Answers 2

Reset to default
0

I have ended up going with a second, public, bucket, in spite of that defeating the whole purpose of using cloudfront. At least most of my content will be delivered via signed urls, it's better than nothing.

I got the idea from a similar question: Static website private content Amazon S3 and Cloudfront - css, js and images not showing.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

This answer may come a bit late, but I solved this issue by moving the background-image tag from the CSS file to an inline style tag, e.g.:

<body style="background-image: url({% static 'path/to/image.png' %})">
    ...
</body>

Perhaps not the most elegant, but the S3 storage backend definitely picks this up from the html template and now my private bucket image gets loaded without further permission errors.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.