$sig = urlencode(base64_encode(hash_hmac('sha1', $stringToSign, $S3_SECRET, true))) $stringToSign = "PUT\n\n$mimeType\n$expires\n$amzHeaders\n$S3_BUCKET$objectName" Here is the updated PHP script you need on the server side, to get it to work you would need to replace the S3_KEY, S3_SECRET and S3_BUCKET values with your own: With the more recent versions of PHP there is built in support for the hash-hmac function and a base64 encode. I have an old way of creating signed URLs using PHP that hasn't been updated in forever. It can easily be changed to anything that can sign a request in the same way. The above example calls the PHP version of the server side signing code. Var progress = document.querySelector('.percent') ĭocument.getElementById('progress_bar').className = 'loading' ĭocument.getElementById('status').innerText = statusLabel Xhr.setRequestHeader('x-amz-acl', 'public-read') įunction setProgress(percent, statusLabel) Xhr.setRequestHeader('Content-Type', file.type) SetProgress(percentLoaded, percentLoaded = 100 ? 'Finalizing.' : 'Uploading.') Var percentLoaded = Math.round((e.loaded / e.total) * 100) SetProgress(0, 'Upload error: ' + xhr.status) * parameter has been signed and is accessable for upload.
* Use a CORS call to upload the given file to S3. Status = ' + this.status) ĮxecuteOnSignedUrl(file, function(signedURL) SetProgress(0, 'Could not contact signing script.
If (this.readyState = 4 & this.status = 200)Ĭallback(decodeURIComponent(this.responseText)) Įlse if(this.readyState = 4 & this.status != 200) Xhr.overrideMimeType('text/plain charset=x-user-defined') Hack to pass bytes through unprocessed. Xhr.open('GET', 'signput.php?name=' + file.name + '&type=' + file.type, true) * Execute the given callback with the signed response.įunction executeOnSignedUrl(file, callback)
If you want to skip to the fun part you can check out the PHP and Ruby example code on github (instructions there on deploying to Heroku as well). That bit of code is really simple and I'm including an example at the end for both PHP and Ruby. The first thing to understand is that while the upload happens directly to S3 there still needs to be some server side code that signs the URL used by the PUT call. So when Amazon announced S3 CORS support I figured I should create a demo of directly uploading a file to S3 from a browser. I've been hacking around with FileAPI and XHR2 in HTML5 recently (more on why hopefully in another month or so).