Using a full-page iframe to serve up an AWS S3 site over SSL on a custom domain

Asked Dec 19 '13 at 13:32

Active Dec 19 '13 at 23:50

Viewed 1,314 times

You can access any S3 bucket through SSL on the s3.amazonaws.com domain (for which they have a wildcard cert), but you can't have SSL for your custom domain: https://stackoverflow.com/a/11203685/458614

This seems like such a huge hack, but for my single-page web app, what if I...

Buy example.com with SSL cert
https://example.com has a full-page iframe linking to https://example.s3.amazonaws.com/index.html
Voilà

End users will never know the difference. Is there any reason not to do this?

As for why I would want to do this: I can have a tiny tiny tiny web server repeatedly serving up a 250 byte index.html file with only a full-page iframe pointing to S3, and that's it, and have everything else with the speed and reliability of S3.

edited May 23 '17 at 12:19

Community

asked Dec 19 '13 at 13:32

tobek

4,349
3
32
41

Are you doing this because you MUST use SSL? What could possibly be on a 250 byte single page website that requires ssl? – E.J. Brennan Dec 19 '13 at 17:24
It's a large web app. It's a note-taking application and notes could definitely be sensitive and would need SSL. The 250 byte single page would be an iframe to https://example.s3.amazonaws.com/index.html, which itself is larger and pulls in all sorts of everything from S3. Clarified in question. – tobek Dec 19 '13 at 23:48

Using a full-page iframe to serve up an AWS S3 site over SSL on a custom domain

0 Answers0