Uploading to createPresignedPost returns "Invalid Argument: Authorization"

slakk77 · October 1, 2022, 9:13pm

Generated URL using aws-sdk node.js package.

Tested using amazon s3 and it works properly but with R2 I’m getting a “Invalid Authorization” error.

slakk77 · October 1, 2022, 9:14pm

This is a very important use case as its required to restrict file upload size. I love this service but cannot prevent api abuse without this feature.

KianNH · October 1, 2022, 10:03pm

As discussed in the Discord, creating a presigned PutObject URL that includes content-length in the signed headers appears to be another way to achieve this.

Sending a 60MB binary to a URL that has content-length: 5 in the signature, overriding the request content-length header to also be 5 and R2/S3 both will only keep the first 5 bytes.

Not entirely sure if this is apart of the S3 spec or just the underlying behaviour of the web servers that front S3/R2 - but likely fine as a workaround in the interim.

tanaka · October 14, 2022, 2:02am

Same error. We have setup CORS by “putBucketCors” method, and cheked it with “getBucketCors” method. It says CORS is working.

1:
“createPresignedPost” method can generate a url looks like this.
“https://ACCOUNT_ID.r2.cloudflarestorage.com/BUCKET_NAME”.
But it returs CORS error.

2:
“getSignedUrlPromise” generates url looks like this.
“https://BUCKET_NAME.ACCOUNT_ID.r2.cloudflarestorage.com/?X-Amz-Algorithm…”
And CORS seems working propery with this type url, but we need more flexibility to configure “Conditions” which “getSignedUrlPromise” method does not have. ex. “starts-with”.

I would like to know if someone have already suceeded uploading object from “createPresignedPost” method.

KianNH · October 14, 2022, 7:42am

Presigned POST isn’t supported.

tanaka · October 16, 2022, 10:14am

Thank you for your reply!
Still I need to find a way to upload files from browser with max file size limitation.

I have tested v2 and v3 js-sdk.

With V2, ContentLength is not supported in pre-signed URLs.
It is working without ContentLength header.
Do you know how to configure content-length with V2?

With V3, “getSignedUrl” generates urls and it seems working, but not always.
About 3 out of 10 put request fails because of CORS even though the requests are made with same conditions. It’s so random that I can’t find out what cause CORS error.

system · October 19, 2022, 10:15am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.