Fugi
Fugi
PostsComments
CDCloudflare Developers
Created by Fugi on 2/2/2023 in #r2
Heya I m trying to use pre signed POSTs
Ah thank you! That's unfortunate since presigned PUTs don't allow restricting upload sizes or types. Hopefully that can come in the future. For now it'd be nice if the documentation called that out, I didn't see any warnings on either the S3 compatability page nor the Presigned URLs page
6 replies
CDCloudflare Developers
Created by Fugi on 2/2/2023 in #r2
Heya I m trying to use pre signed POSTs
*   Trying 104.18.9.90:443...
* TCP_NODELAY set
* Connected to c4388f020988b687c238667322195b29.r2.cloudflarestorage.com (104.18.9.90) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=r2.cloudflarestorage.com
*  start date: Jan 31 00:00:00 2023 GMT
*  expire date: Apr 30 23:59:59 2023 GMT
*  subjectAltName: host "c4388f020988b687c238667322195b29.r2.cloudflarestorage.com" matched cert's "c4388f020988b687c238667322195b29.r2.cloudflarestorage.com"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
> POST /mirai HTTP/1.1
> Host: c4388f020988b687c238667322195b29.r2.cloudflarestorage.com
> Accept-Encoding: deflate, gzip, br
> Accept: */*
> Accept-Language: en-US,en;q=0.9
> Cache-Control: no-cache
> Connection: keep-alive
> Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVcEni9wxldmoKAeB
> Origin: http://localhost:3000
> Pragma: no-cache
> Referer: http://localhost:3000/
> Sec-Fetch-Dest: empty
> Sec-Fetch-Mode: cors
> Sec-Fetch-Site: cross-site
> User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
> sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
> sec-ch-ua-mobile: ?0
> sec-ch-ua-platform: "Windows"
> Content-Length: 1531
> Expect: 100-continue
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Mark bundle as not supporting multiuse
< HTTP/1.1 100 Continue
* We are completely uploaded and fine
* Mark bundle as not supporting multiuse
< HTTP/1.1 400 Bad Request
< Date: Wed, 01 Feb 2023 23:53:24 GMT
< Content-Type: application/xml
< Content-Length: 131
< Connection: keep-alive
< Vary: Accept-Encoding
< Server: cloudflare
< CF-RAY: 792e9b35784727fe-SEA
<
* Connection #0 to host c4388f020988b687c238667322195b29.r2.cloudflarestorage.com left intact
<?xml version="1.0" encoding="UTF-8"?><Error><Code>InvalidArgument</Code><Message>Invalid Argument: Authorization</Message></Error>
*   Trying 104.18.9.90:443...
* TCP_NODELAY set
* Connected to c4388f020988b687c238667322195b29.r2.cloudflarestorage.com (104.18.9.90) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=r2.cloudflarestorage.com
*  start date: Jan 31 00:00:00 2023 GMT
*  expire date: Apr 30 23:59:59 2023 GMT
*  subjectAltName: host "c4388f020988b687c238667322195b29.r2.cloudflarestorage.com" matched cert's "c4388f020988b687c238667322195b29.r2.cloudflarestorage.com"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
> POST /mirai HTTP/1.1
> Host: c4388f020988b687c238667322195b29.r2.cloudflarestorage.com
> Accept-Encoding: deflate, gzip, br
> Accept: */*
> Accept-Language: en-US,en;q=0.9
> Cache-Control: no-cache
> Connection: keep-alive
> Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVcEni9wxldmoKAeB
> Origin: http://localhost:3000
> Pragma: no-cache
> Referer: http://localhost:3000/
> Sec-Fetch-Dest: empty
> Sec-Fetch-Mode: cors
> Sec-Fetch-Site: cross-site
> User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
> sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
> sec-ch-ua-mobile: ?0
> sec-ch-ua-platform: "Windows"
> Content-Length: 1531
> Expect: 100-continue
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Mark bundle as not supporting multiuse
< HTTP/1.1 100 Continue
* We are completely uploaded and fine
* Mark bundle as not supporting multiuse
< HTTP/1.1 400 Bad Request
< Date: Wed, 01 Feb 2023 23:53:24 GMT
< Content-Type: application/xml
< Content-Length: 131
< Connection: keep-alive
< Vary: Accept-Encoding
< Server: cloudflare
< CF-RAY: 792e9b35784727fe-SEA
<
* Connection #0 to host c4388f020988b687c238667322195b29.r2.cloudflarestorage.com left intact
<?xml version="1.0" encoding="UTF-8"?><Error><Code>InvalidArgument</Code><Message>Invalid Argument: Authorization</Message></Error>
6 replies
CDCloudflare Developers
Created by Fugi on 2/2/2023 in #r2
Heya I m trying to use pre signed POSTs
CURL session for the request (slightly redacted) 
$ curl 'https://c4388f020988b687c238667322195b29.r2.cloudflarestorage.com/mirai' \
>   -H 'Accept: */*' \
>   -H 'Accept-Language: en-US,en;q=0.9' \
>   -H 'Cache-Control: no-cache' \
>   -H 'Connection: keep-alive' \
>   -H 'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVcEni9wxldmoKAeB' \
>   -H 'Origin: http://localhost:3000' \
>   -H 'Pragma: no-cache' \
>   -H 'Referer: http://localhost:3000/' \
>   -H 'Sec-Fetch-Dest: empty' \
>   -H 'Sec-Fetch-Mode: cors' \
>   -H 'Sec-Fetch-Site: cross-site' \
>   -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36' \
>   -H 'sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"' \
>   -H 'sec-ch-ua-mobile: ?0' \
>   -H 'sec-ch-ua-platform: "Windows"' \
>   --data-raw $'------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="bucket"\r\n\r\nmirai\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Algorithm"\r\n\r\nAWS4-HMAC-SHA256\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Credential"\r\n\r\n48b5c6eefee99d28dbfc64d0844153be/20230201/auto/s3/aws4_request\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Date"\r\n\r\n20230201T235252Z\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="key"\r\n\r\nuploads/84791f60f10dd90181734c80e2833713\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="Policy"\r\n\r\neyJleHBpcmF0aW9uIjoiMjAyMy0wMi0wMlQwMDowMjo1MloiLCJjb25kaXRpb25zIjpbWyJjb250ZW50LWxlbmd0aC1yYW5nZSIsNjQsMjYyMTQ0MDBdLFsic3RhcnRzLXdpdGgiLCIkQ29udGVudC1UeXBlIiwiaW1hZ2UvIl0seyJidWNrZXQiOiJtaXJhaSJ9LHsiWC1BbXotQWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsiWC1BbXotQ3JlZGVudGlhbCI6IjQ4YjVjNmVlZmVlOTlkMjhkYmZjNjRkMDg0NDE1M2JlLzIwMjMwMjAxL2F1dG8vczMvYXdzNF9yZXF1ZXN0In0seyJYLUFtei1EYXRlIjoiMjAyMzAyMDFUMjM1MjUyWiJ9LHsia2V5IjoidXBsb2Fkcy84NDc5MWY2MGYxMGRkOTAxODE3MzRjODBlMjgzMzcxMyJ9XX0=\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Signature"\r\n\r\n------------------REDACTED----------------------\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="file"; filename="Screenshot 2022-12-06 144019.png"\r\nContent-Type: image/png\r\n\r\n\u0089PNG\r\n\u0000IEND®B`\u0082\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB--\r\n' \
>   --compressed -vvv
$ curl 'https://c4388f020988b687c238667322195b29.r2.cloudflarestorage.com/mirai' \
>   -H 'Accept: */*' \
>   -H 'Accept-Language: en-US,en;q=0.9' \
>   -H 'Cache-Control: no-cache' \
>   -H 'Connection: keep-alive' \
>   -H 'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVcEni9wxldmoKAeB' \
>   -H 'Origin: http://localhost:3000' \
>   -H 'Pragma: no-cache' \
>   -H 'Referer: http://localhost:3000/' \
>   -H 'Sec-Fetch-Dest: empty' \
>   -H 'Sec-Fetch-Mode: cors' \
>   -H 'Sec-Fetch-Site: cross-site' \
>   -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36' \
>   -H 'sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"' \
>   -H 'sec-ch-ua-mobile: ?0' \
>   -H 'sec-ch-ua-platform: "Windows"' \
>   --data-raw $'------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="bucket"\r\n\r\nmirai\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Algorithm"\r\n\r\nAWS4-HMAC-SHA256\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Credential"\r\n\r\n48b5c6eefee99d28dbfc64d0844153be/20230201/auto/s3/aws4_request\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Date"\r\n\r\n20230201T235252Z\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="key"\r\n\r\nuploads/84791f60f10dd90181734c80e2833713\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="Policy"\r\n\r\neyJleHBpcmF0aW9uIjoiMjAyMy0wMi0wMlQwMDowMjo1MloiLCJjb25kaXRpb25zIjpbWyJjb250ZW50LWxlbmd0aC1yYW5nZSIsNjQsMjYyMTQ0MDBdLFsic3RhcnRzLXdpdGgiLCIkQ29udGVudC1UeXBlIiwiaW1hZ2UvIl0seyJidWNrZXQiOiJtaXJhaSJ9LHsiWC1BbXotQWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsiWC1BbXotQ3JlZGVudGlhbCI6IjQ4YjVjNmVlZmVlOTlkMjhkYmZjNjRkMDg0NDE1M2JlLzIwMjMwMjAxL2F1dG8vczMvYXdzNF9yZXF1ZXN0In0seyJYLUFtei1EYXRlIjoiMjAyMzAyMDFUMjM1MjUyWiJ9LHsia2V5IjoidXBsb2Fkcy84NDc5MWY2MGYxMGRkOTAxODE3MzRjODBlMjgzMzcxMyJ9XX0=\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="X-Amz-Signature"\r\n\r\n------------------REDACTED----------------------\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB\r\nContent-Disposition: form-data; name="file"; filename="Screenshot 2022-12-06 144019.png"\r\nContent-Type: image/png\r\n\r\n\u0089PNG\r\n\u0000IEND®B`\u0082\r\n------WebKitFormBoundaryVcEni9wxldmoKAeB--\r\n' \
>   --compressed -vvv
6 replies