I have my Rails application set up where each user can upload an avatar. The image is uploaded directly to Amazon's S3 using HTTP POST. So far everything is working except that the user is able to upload any type of file.

I'm using a fork of the d2s3 plugin by camelpunch. Here are the helpers:

    # POST policy document: the conditions S3 checks the submitted form fields against
    policy = Base64.encode64(
      "{'expiration': '#{expiration_date}',
        'conditions': [
          {'bucket': '#{bucket}'},
          ['starts-with', '$key', '#{key}'],
          {'acl': '#{acl}'},
          {'success_action_redirect': '#{redirect}'},
          ['starts-with', '$Content-Type', '#{content_type}'],
          ['content-length-range', #{min_filesize}, #{max_filesize}]
        ]
      }").gsub(/\n|\r/, '')

    # Sign the Base64-encoded policy with the secret access key
    signature = b64_hmac_sha1(D2S3::S3Config.secret_access_key, policy)
    out = ""
    out << %(
      <form action="https://#{bucket}.s3.amazonaws.com/" method="post" enctype="multipart/form-data" id="#{options[:form][:id]}" class="#{options[:form][:class]}">
      <div>
      <input type="hidden" name="key" value="#{key}/${filename}" />
      <input type="hidden" name="AWSAccessKeyId" value="#{access_key_id}" />
      <input type="hidden" name="acl" value="#{acl}" />
      <input type="hidden" name="success_action_redirect" value="#{redirect}" />
      <input type="hidden" name="policy" value="#{policy}" />
      <input type="hidden" name="signature" value="#{signature}" />
      <input type="hidden" name="Content-Type" value="#{content_type}" />
      <input name="file" type="file" />#{submit_button}
      </div>
      </form>
    )

I have my content type set to 'image/jpeg' but Amazon seems to ignore that. In the docs, it says to set it up just like this. Am I doing something wrong?

Also, when a file that's larger than the set max filesize is uploaded, the application just stalls. S3 doesn't reply with an XML error message. Can this be fixed?

Thanks!

Tim
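
An added example, not part of the original post or the d2s3 plugin: the policy conditions above are compared with the submitted form fields and the upload size, so a hidden `Content-Type` field that always says `image/jpeg` satisfies the policy whatever file is chosen. The matcher is a simplified model with the bucket treated as a field, all sample values are constructed, and `jpeg?` is a hypothetical check the application would run on the stored object.

```ruby
require 'json'
require 'openssl'

# Base64 without line breaks (same output as Base64.strict_encode64).
def b64(data)
  [data].pack('m0')
end

# Build and sign a POST policy; JSON.generate replaces hand-written quoting.
def signed_policy(secret, conditions, expiration)
  policy = b64(JSON.generate('expiration' => expiration, 'conditions' => conditions))
  [policy, b64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), secret, policy))]
end

# Simplified model (assumption) of matching the three condition forms the post uses.
# It sees form fields and a byte count only, never the file's contents.
def policy_allows?(policy_b64, fields, file_size)
  JSON.parse(policy_b64.unpack1('m'))['conditions'].all? do |cond|
    if cond.is_a?(Hash)
      cond.all? { |name, value| fields[name] == value }
    elsif cond[0] == 'starts-with'
      fields[cond[1].sub(/\A\$/, '')].to_s.start_with?(cond[2])
    elsif cond[0] == 'content-length-range'
      file_size.between?(cond[1], cond[2])
    else
      false
    end
  end
end

# Check to run in the app once the object is stored: JPEG data begins FF D8 FF.
def jpeg?(bytes)
  bytes.b.byteslice(0, 3) == "\xFF\xD8\xFF".b
end

# Constructed sample values, not taken from the post.
CONDITIONS = [
  { 'bucket' => 'example-bucket' },
  ['starts-with', '$key', 'avatars/'],
  { 'acl' => 'public-read' },
  ['starts-with', '$Content-Type', 'image/jpeg'],
  ['content-length-range', 1, 1_048_576]
].freeze
FIELDS = { 'bucket' => 'example-bucket', 'key' => 'avatars/${filename}',
           'acl' => 'public-read', 'Content-Type' => 'image/jpeg' }.freeze
POLICY, SIGNATURE = signed_policy('constructed-secret', CONDITIONS, '2030-01-01T00:00:00Z')
NOT_A_JPEG = "%PDF-1.4 constructed sample\n".b

puts "policy accepts the non-JPEG upload: #{policy_allows?(POLICY, FIELDS, NOT_A_JPEG.bytesize)}"
puts "magic-byte check accepts it: #{jpeg?(NOT_A_JPEG)}"
```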