content length / content type header enforcement on pre-signed urls
You can find it by searching for createPresignedPost.
The rule you are looking for is a value you add to the condition array like this:
- ["content-length-range", 1024, 1024*1024] to restrict the upload to files between 1ko and 1mo
3 Replies
I will try to look into this more as well, any additional details would be much appreciated.
@aws-sdk/client-s3 is the first library you would need to initiate your S3 client
@aws-sdk/s3-presigned-post is the library you would use to generate the signed urls for your requests
Finally, if you upload images, you must make sure to remove embdeded metadata (either in frontend or in the backend after the files are uploaded).
Image metadata could contain the device name and the location where the picture was taken. You should not expose those information to others
I was hoping to get it working with the package they showed in the official docs https://developers.cloudflare.com/r2/data-access/s3-api/presigned-urls ever tried that one?