I'm looking to confirm or refute the following:

From what I have read so far, it is not possible to write a web application with only JavaScript -- no server-side logic -- served from Amazon S3 that also stores data only to S3 if you need to have multiple clients with private data per client.

The issue I see is the Authorization header required for every Ajax call that would force me to put the signature (and my AWS id) right there in the page source for everybody to see.

Is that correct, or have I misunderstood the docs?

Are there workarounds?

+2  A: 

In short, you are correct.

If your AWS key ends up in any way on the client side, you are in trouble.


A possible solution is, of course, to have the user specify their AWS key for storing their data.

jldupont
But if I use their AWS key I can't use DevPay, correct? They will be basically on their own as far as registration and they will have to approach my app already with their key in hand, right?
Sorry - I don't know enough about DevPay to say something relevant.
jldupont
@jldupont: Yes of course, it is a great answer, thanks!
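
An added illustration of the first answer, not code from the original posts or from AWS: the `Authorization` header carries only the access key id and a signature, but producing that signature needs the secret key, and the same secret signs any verb on any object. It assumes the legacy S3 REST signing scheme (Signature Version 2); the credentials, bucket and object names are constructed placeholders.

```javascript
// Added example: legacy S3 REST request signing (Signature Version 2).
// Runs under Node.js; in a browser the same inputs, secret included,
// would have to be present in the page.
const { createHmac } = require("node:crypto");

// Constructed placeholder credentials, not real AWS keys.
const ACCESS_KEY_ID = "AKIDEXAMPLEPLACEHOLDER";
const SECRET_KEY = "constructed-secret-for-illustration-only";

// String S3 expects to be signed for a simple request (no x-amz-* headers,
// which would otherwise be canonicalized in before the resource).
function stringToSign({ method, contentMd5 = "", contentType = "", date, resource }) {
  return [method, contentMd5, contentType, date].join("\n") + "\n" + resource;
}

// Signature = Base64(HMAC-SHA1(secret, stringToSign)).
function sign(secretKey, request) {
  return createHmac("sha1", secretKey).update(stringToSign(request), "utf8").digest("base64");
}

// Header value sent with every request: "AWS <access key id>:<signature>".
function authorizationHeader(accessKeyId, secretKey, request) {
  return `AWS ${accessKeyId}:${sign(secretKey, request)}`;
}

// Constructed requests: one client's own object, and another client's object.
const date = "Tue, 27 Mar 2007 19:36:42 +0000";
const own = { method: "GET", date, resource: "/example-bucket/client-a/notes.json" };
const other = { method: "DELETE", date, resource: "/example-bucket/client-b/notes.json" };

// Both headers are valid for whoever holds SECRET_KEY: the key itself
// cannot enforce per-client privacy, so it must stay off the page.
console.log(authorizationHeader(ACCESS_KEY_ID, SECRET_KEY, own));
console.log(authorizationHeader(ACCESS_KEY_ID, SECRET_KEY, other));
```
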
A: 

iBeans offers a way around this without having to write any server-side code. There's an S3 iBean (a developer is working on it to be released in the next few days - watch the mulesoft blog for an announcement) and you can access it right from your JavaScript. The iBean itself runs on a server so you wouldn't need to store your keys in the JavaScript.

Ken
Thanks, I was looking for a short but not vague description of what it does, do you have a pointer? Is it hosted?