Rails 中 FineUploader 的 S3 策略错误

Question

我一直在尝试使用FineUploader JS库实现直接上传到S3。我在 Rails 中有一个 post 操作构建和 returns S3 策略和签名，我尝试了很多不同的选项，但我在 FineUploader 中不断收到策略错误。

这是我正在使用的 FineUploader JS：

  <script>
    $('#fine-uploader-s3').fineUploaderS3({
        template: 'qq-template-s3',
        request: {
            endpoint: "https://mybucket.s3.amazonaws.com/",
            accessKey: MY_ACCESS_KEY
        },
        signature: {
            endpoint: "/generatesignature"
        },
       uploadSuccess: {
            endpoint: "/success",
            params: {
                isBrowserPreviewCapable: qq.supportedFeatures.imagePreviews
            }
        },
        iframeSupport: {
            localBlankPagePath: "/server/success.html"
        },
        cors: {
            expected: true
        },
        chunking: {
            enabled: true
        },
        resume: {
            enabled: true
        },
        deleteFile: {
            enabled: true,
            method: "POST",
            endpoint: "http://s3-demo.fineuploader.com/s3demo-thumbnails-cors.php"
        },
        validation: {
            itemLimit: 5,
            sizeLimit: 15000000
        },
        thumbnails: {
            placeholders: {
                notAvailablePath: "/plugins/fineuploader/placeholders/not_available-generic.png",
                waitingPath: "/plugins/fineuploader/placeholders/waiting-generic.png"
            }
        },
        callbacks: {
            onComplete: function(id, name, response) {
                var previewLink = qq(this.getItemByFileId(id)).getByClass('preview-link')[0];

                if (response.success) {
                    previewLink.setAttribute("href", response.tempLink)
                }
            }
        }
    });
</script>

这是 Ruby

中的生成签名操作服务器端

  def generatesignature
  bucket = MY_BUCKET
  access_key = MY_ACCESS_KEY
  secret = MY_SECRET_KEY
  key = "test.txt/"
  expiration = 5.minutes.from_now.utc.strftime('%Y-%m-%dT%H:%M:%S.000Z')
  max_filesize = 2.megabytes
  acl = 'public-read'
  sas = '200' # Tells amazon to redirect after success instead of returning xml
  policy = Base64.encode64(
    "{'expiration': '#{expiration}',
      'conditions': [
        {'bucket': '#{bucket}'},
        {'acl': '#{acl}'},
        {'Cache-Control': 'max-age=31536000'},
        ['starts-with', '$key', '#{key}'],
        ['content-length-range', 1, #{max_filesize}]
      ]}
    ").gsub(/\n|\r/, '')
  signature = Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha1'), secret, policy)).gsub(/\n| |\r/, '')
  {:access_key => access_key, :key => key, :policy => policy, :signature => signature, :sas => sas, :bucket => bucket, :acl => acl, :expiration => expiration}

params[:signature]= signature
params[:policy] = policy
render :json => params, :status => 200 and return
end

我在尝试上传到 S3 时收到的错误是： "Invalid according to Policy: Policy Condition failed: ["eq", "$acl", "public-read"]"

Answer 1

看起来好像您正在使用 "public-read" 的 ACL 值生成签名，但 Fine Uploader 发送到 S3 的策略默认情况下使用 "private" 的 ACL。如果您真的想要使用 "public-read" ACL，则需要更新 objectProperties.acl Fine Uploader S3 configuration value。例如：

$('#fine-uploader-s3').fineUploaderS3({
  objectProperties: {
    acl: 'public-read'
  },
  ...
})

Rails 中 FineUploader 的 S3 策略错误

Error on S3 Policy with FineUploader in Rails

ruby

ruby-on-rails

amazon-s3

fine-uploader