Amazon httpS #779
Comments
|
It might not work properly for Flash runtime in default mode, but otherwise SSL should just ok. Have you tried and it failed or why such conclusion? |
|
I have succesfully uploaded to Amazon S3 using yout example with both Flash and HTML5 runtimes and both failed when tried using the HTTPS protocol. It returns "Upload URL might be wrong or doesn't exist." Perhaps extra configurations are needed? Thanks for looking into this. |
|
It might be that you are not configuring it properly. It should upload just fine in html5, flash and silverlight. Do you actually allow connection over HTTPS in your As bare minimum it should look like this: <?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
</cross-domain-policy>Notice But it is a confusing topic in general, so I will probably write an insightful tutorial here in wiki. |
|
Yes, I have that file copied from your provided file example and that's how I get it to work with flash using HTTP protocol. It has the I would like to suggest improving the Error managment. For example if using Flash and Amazon and there is an access error you could return a message explanining that probably the crossdomain is missing. If there it answer from Amazon but the upload failed then display the message from Amazon, etc. If would definetly reduce the amount of related issues I see all around. Anyway will study this deeper and feedback my conclusions. Thanks 👍 |
|
Flash and Silverlight do not allow access to response body (at least in default mode - that's what everyone uses) when there is an error. All they report is - We are all up to better error reporting (improved it in Plupload 2). And suggestions are of course welcome :) |
|
I'm using Plupload 2, the core version, wrapping it with my own plugin with Boostrap UI. I must tell I learned a lot with your code and the result is just amazing! If Flash is restrictive perhaps you could suggest in the error message to use HTML5 to understand why is not working, if the HTML5 error reporting is improved, of course. As this messages can be confusing for end users, perhaps could be shown only when developing. For that a kind of Develop mode could be added, just a paremeter when enabled more detailed messages are shown or some extra Events start working, etc. Just a suggestion :) |
|
There's a detailed step by step tutorial now of how to upload to Amazon S3. |
|
Thanks. I have updated my bucket permissions as explained in the doc but using httpS still doesn't work. I tried both with and without the port 443 in the url. Using http works as expected. |
|
This is strange. Can you put it online somewhere? |
|
The httpS version - http://m10.msys.es/plupload/examples/jquery/s3_https.php In chrome is not returnging any message, in FF it does when httpS. Let me know if you need anything else. |
|
I notice the problem in your example, however your config looks ok. Here I've arranged a test-case, with your config (basically a copy/paste - with replaced urls and credentials): http://plupload.com/cases/s3.php Maybe you should try to create different bucket and set ACL, CORS from scratch. Maybe there's something you overlook. |
|
Yes, your example works well. I have created a new Bucket with US Standard Region, max permissions to everyone, CORS as described. Still not working =/ What bucket region is your example using if I may ask? |
|
US Standard. |
|
Then I'm out of clues, must be some bucket setting that I'm missing. |
|
Hm... so you make your bucket public (grant upload/delete to everyone) and then set up the CORS with config exactly like this: <CORSConfiguration>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedHeader>*</AllowedHeader>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
</CORSRule>
</CORSConfiguration>? |
|
Yes, I just updated the cors again and still the same. FF say Upload URL might be wrong or doesn't exist. But I think I found an workaround. Don't know why but using this URL instead it DOES work! https://s3.amazonaws.com/bucketname/ Perhaps you could test it and document it if anyone else have the same issue :) |
|
Maybe that dot in your bucket name was the reason? Maybe you try the name with only letters in it? |
|
You are right, even with my alternative URL solution if the bucket name has a dot will fail in some ocasions (not sure why but it's not working very stable). I guess the conclusion is to avoid using strange bucket names. For my script will leave the https and an custom error report with this info if it fails. Thank you for all the effort :) |
|
Searching around, this issue is confirmed by Amazon and I think the SSL is important enaugh. The bucket names can use '-' instead. |
|
https encrypts the traffic, that's the difference. You decide :) |
|
Can you post the link of the resource where this problem is reported or described? |
|
http://stackoverflow.com/questions/3048236/amazon-s3-https-ssl-is-it-possible Check the accepted answer. |
|
Tnx. Updated the guide with I guess this can be closed now. |
|
Great! I would like to point out that is not necesary to grant permission to everyone in order to upload as it's currently stated in the docs. In fact that's not recommended at all. The only permission necesary is the default one, of the owner, which is authenticated with the signature and policy provided with the request. |
Hi,
googling about Amazon and Plupload I read about this concern: " How do you ensure that the user’s browser communicates only with Amazon S3 and not an impersonator."
And the solution was simply using the HTTPS protocol, but this does not work with Plupload.
I would like to know if this is important to take care off, or not and that's why is not supported.
Thanks, loving Plupload more each day :)
The text was updated successfully, but these errors were encountered: