31

I'm using an AWS S3 presigned url to upload picture from a client (mobile app). I want to prevent the user to upload large files. Is there a way to limit the file size of an uploaded file?

Thanks

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
user2522935
  • 313
  • 1
  • 3
  • 5

2 Answers2

15

Check out "content-length-range" in s3 policy. http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html

The conditions in a POST policy is an array of objects, each of which is used to validate the contents of the uploaded object. You can use these conditions to restrict what is allowed in the request. Each form field that you specify in a form (except x-amz-signature, file, policy, and field names that have an x-ignore- prefix) must appear in the list of conditions.

content-length-range
The minimum and maximum allowable size for the uploaded content. This condition supports content-length-range condition match type.

cnvzmxcvmcx
  • 1,061
  • 2
  • 15
  • 32
Nat
  • 3,587
  • 20
  • 22
  • 5
    Is there a way to do this while creating a pre-signed URL for uploading an object? – Niks Jul 22 '15 at 08:50
  • Thanks @Nat, I've explored 'GeneratePresignedUrlRequest ' API already, it does not provide a way to specify 'content-length-range'. – Niks Jul 23 '15 at 06:22
  • Yes, you can. You need to set up a policy first with content-length-range and then sign a url with that policy – Nat Jul 23 '15 at 14:30
  • 4
    I know a policy can be set, but only via browser upload or the PUT object API. But there's no way I could find to set policy via the API to generate pre-signed url (I'm using the Java SDK, GeneratePresignedUrl class does not have such a method). Do you have a sample code of this? – Niks Jul 24 '15 at 05:00
  • 2
    @NikhilPatil will this help? https://github.com/minio/minio-java/blob/master/examples/PresignedPostPolicy.java Its minio-java client library PresignedPostPolicy.java example, It is compatible with AWS S3 API. Disclaimer: i work for minio. – koolhead17 Mar 05 '16 at 08:10
  • 2
    @Niks i tried with this tutorial https://advancedweb.hu/how-to-use-s3-post-signed-urls/ and its works – Javier Solis Guzman Jul 09 '20 at 19:05
  • Is this in KB or bytes? – Luiz Dec 31 '22 at 09:38
0

I have solved this problem perfectly! Though, the POST policy can work, but use presigned urls is more comfortable.

I use nodejs as backend. And use getSignedUrl to limit the size of upload file.

It just need modify three line of aws-sdk code. And I have tried, it can work very well.

I don't know why aws-sdk of nodejs don't support it. If there is some reason, please share to me.

first, open "node_modules/aws-sdk/lib/signers/v4.js", comment the following two line enter image description here

second, open "node_modules/aws-sdk/lib/services/s3.js", comment the following one line enter image description here

third, write the code to generate presigned url and upload file enter image description here enter image description here

coffeeking
  • 83
  • 1
  • 8
  • 3
    Unfortunately, even if this works, commenting out code in your dependencies is a terrible option for almost every use case. The change won't propagate unless you check in the dependency. And any other devs you work with won't be aware of this special change and are likely to try to update the dep. Also this looks like it requires knowing the _exact_ size, not just adding a limit. – Adam A Apr 03 '23 at 10:04
  • yes, it's just for a hack use, and the limit usage can be realized by sign when post a request to backend. – coffeeking Apr 28 '23 at 13:26