Access Issue with MP3 Files from S3 Bucket After Plugin Update

  • Resolved paolo1309

    (@paolo1309)


    8 months ago

    Hello,

    I am reaching out to report a critical issue I’ve encountered with your plugin, specifically after a recent update (Version 1.9.12), which affects accessing MP3 files stored on an Amazon S3 bucket. The issue seems to stem from the plugin’s inability to comply with S3 bucket policies that restrict file access to specific domains, leading to a 403 Forbidden error (“An HTTP error occurred during file retrieval. Error Code: 403”).

    Issue Description: After the plugin update, attempting to access MP3 files via the plugin’s shortcode (e.g., [sc_embed_player fileurl=”https://mybucket.s3.amazonaws.com/test.mp3″%5D ) results in an HTTP 403 Forbidden error.

    Key Details:

    • The S3 bucket is configured with a policy that limits access to files to requests originating from my website domains only (e.g., “https://mydomain.com/). This setup was operational without issues before the plugin update.
    • A preliminary investigation suggests that the scap_verify_file_url_accessible() function, which performs a wp_remote_get() call with the HEAD method to check file accessibility, might be at the heart of the problem. It appears that due to this method and the bucket’s restrictive policy, the plugin can no longer access the MP3 files.

    Suggested Solution:

    A potentially easy-to-implement solution that would offer more flexibility to users facing similar issues would be to add an option within the WordPress dashboard, specifically on the plugin configuration page, that allows for the disabling of file URL validation ($fileurl = scap_validate_url($fileurl);). This feature would enable users to bypass the URL validation step if their setup does not require it, or if it causes compatibility issues with their storage solutions, like in my case.

    Example of S3 Bucket Policy with Domain Restriction

    For your reference, below is an example of the type of S3 bucket policy I have implemented, which restricts access to files based on the originating domain:

    {

        “Version”: “2012-10-17”,

        “Statement”: [

            {

                “Sid”: “RestrictAccessToSpecificDomains”,

                “Effect”: “Allow”,

                “Principal”: “*”,

                “Action”: “s3:GetObject”,

                “Resource”: “arn:aws:s3:::mybucket/*”,

                “Condition”: {

                    “StringLike”: {

                        “aws:Referer”: [

                            “https://mydomain.com/*”

                        ]

                    }

                }

            }

        ]

    }

    This policy was designed to ensure that only requests coming from the specified domains are allowed to retrieve objects from the bucket. The issue appears when the plugin fails to access the MP3 files, likely due to the Referer header check imposed by this policy, leading to the 403 Forbidden error we’re encountering.

    Thank you very much for your attention and support on this matter.

    Best Regards.

    • This topic was modified 8 months ago by paolo1309.
Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Thank you for reaching out to us. I have submitted a message to the plugin developers to investigate further your findings and suggestion.

    Kind regards.

    Plugin Author mra13

    (@mra13)

    Thank you. I have added a settings option to disable the validation on your site. Also, there is a filter a filter hook that you can use to disable it on your site. Please try the updated version.

    Thread Starter paolo1309

    (@paolo1309)

    It works! Thank you very much.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    That is good to know ?? Enjoy the plugin.

    Kind regards.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Access Issue with MP3 Files from S3 Bucket After Plugin Update’ is closed to new replies.