Amazon S3 CORS POST因JQuery-file-upload而失败

时间:2012-11-03 11:57:14

标签: jquery ruby-on-rails amazon-s3 cors

我正在尝试通过HTML上传器将文件上传到S3,我尝试按照本教程进行操作:

http://pjambet.github.com/blog/direct-upload-to-s3/

我可以通过常规的html表单发布文件。但如果我使用JQuery-file-upload插件发布相同的表单,我会从亚马逊获得403.

这是我的表格:

<form accept-charset="UTF-8" action="https://youboox_dev.s3.amazonaws.com" enctype="multipart/form-data" class='direct-upload' method="POST">
 <input type="hidden" name="key" value="test-file-name">
 <input type="hidden" name="AWSAccessKeyId" value="AKIZ[...]YSCA">
 <input type="hidden" name="acl" value="private">
 <input type="hidden" name="success_action_status" value="201">
 <input type="hidden" name="policy" value="<%= Facades::AmazonFacade.policy %>">
 <input type="hidden" name="signature" value="<%= Facades::AmazonFacade.signature %>">

 <input type="file" name="file">

 <input type="submit" value="Load this file">

这是我的jquery-uploader:

$('.direct-upload').fileupload({
      url: $(this).attr('action'),
      type: 'POST',
      autoUpload: true,
      dataType: 'xml',
      add: function (event, data) {
        jqXHR = data.submit();
      }

我从亚马逊那里得到了这个答案:

  

选项https://youboox_dev.s3.amazonaws.com/ 200(确定)
  POST https://youboox_dev.s3.amazonaws.com/ 403(禁止)

=============================================== =========

我非常确定我的政策和签名是正确的,因为当我只是通过提交按钮提交此表单时,我从亚马逊得到了一个好的回复并且'我能够下载刚上传的文件:

<PostResponse>
  <Location>https://youboox_dev.s3.amazonaws.com/tottotoCVBNBV</Location>
  <Bucket>youboox_dev</Bucket>
  <Key>test-file-name</Key>
  <ETag>"d41d8cd98f00b204e9800998ecf8427e"</ETag>
</PostResponse>

1 个答案:

答案 0 :(得分:0)

我有类似的选择(我从未测试过直接表格POST)。为我修复的是添加一个存储桶策略:

{
"Version": "2008-10-17",
"Id": "Policy1347277692345",
"Statement": [
    {
        "Sid": "my-user",
        "Effect": "Allow",
        "Principal": {
            "AWS": "arn:aws:iam::123456789:user/my-user"
        },
        "Action": [
            "s3:AbortMultipartUpload",
            "s3:GetObjectAcl",
            "s3:GetObjectVersion",
            "s3:DeleteObject",
            "s3:DeleteObjectVersion",
            "s3:GetObject",
            "s3:PutObjectAcl",
            "s3:PutObjectVersionAcl",
            "s3:ListMultipartUploadParts",
            "s3:PutObject",
            "s3:GetObjectVersionAcl"
        ],
        "Resource": "arn:aws:s3:::my-bucket/*"
    },
    {
        "Sid": "world-readable",
        "Effect": "Allow",
        "Principal": {
            "AWS": "*"
        },
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::my-bucket/*"
    }
]
}

(我承认只是从别人设置的另一个桶中盲目地复制这个,所以我不知道这些部分是否需要。)

相关问题
最新问题