Our iOS application is using the aws sdk to upload small picture to s3 using the putObjectRequest endpoint.
Some of our users are affected by a strange issue which is completely preventing them to upload any picture when they are connected to a particular wifi network. We managed to temporarily fix this but we don't know if there are better solutions so we are still wondering how to get rid of this.
This is what we know about this issue:
- This issue affects several iOS versions, iOS devices, aws sdk updates and we've been facing this for years.
- This is happening only when the user is connected to wifi, using mobile network is not causing any issues.
- The incriminated wifi ISP is Vodafone Italy but we don't know if there might be others. A file with a size less then 15kb is more likely to be uploaded correctly, while a file bigger then 100kb always fails.
- The problem is happening during the upload of the picture data to s3 from the client. To do that we are using the S3PutObjectRequest class.
- The error is returned by the method request:didFailWithError: of the AmazonServiceRequestDelegate protocol, within two seconds after the request is started.
We managed to record two different error instances happening in this case:
- Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made."
- Error Domain=NSURLErrorDomain Code=-1021 "request body stream exhausted"
What we tried to do:
Update the aws library with the latest version. This didn't solve the issue.
Use a bigger connectionTimeout value for the upload request. This didn't solve the issue. As I said the error is fired a couple of seconds before starting the request.
Change the aws endpoint to use http instead of https: http://s3.amazonaws.com. This solved the issue.
Have you heard about this issue before, maybe related to another wifi ISP? Does using http to upload expose ourself into a security issue by passing the signing token on plain text?
We are signing each request with a temporary token set in the amz-security-token header as described here: http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#UsingTemporarySecurityCredentials
Thanks
