You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 7-8.RSVP
Socket
Socket
Sign inDemoInstall

@aws-sdk/s3-presigned-post

Package Overview
Dependencies
Maintainers
5
Versions
376
Alerts
File Explorer

Advanced tools

npm Scripts
License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@aws-sdk/s3-presigned-post

[![NPM version](https://img.shields.io/npm/v/@aws-sdk/s3-presigned-post/latest.svg)](https://www.npmjs.com/package/@aws-sdk/s3-presigned-post) [![NPM downloads](https://img.shields.io/npm/dm/@aws-sdk/s3-presigned-post.svg)](https://www.npmjs.com/package/@

Version published
Weekly downloads
205K
decreased by-13.23%
Maintainers
5
Created
Weekly downloads
 

Package description

What is @aws-sdk/s3-presigned-post?

@aws-sdk/s3-presigned-post is a package that allows you to generate presigned POST URLs for Amazon S3. These URLs enable users to upload files directly to S3 without needing to expose AWS credentials or write server-side code to handle the uploads.

What are @aws-sdk/s3-presigned-post's main functionalities?

Generate Presigned POST URL

This feature allows you to generate a presigned POST URL for uploading files to an S3 bucket. The code sample demonstrates how to create a presigned POST URL with specific conditions, such as a content length range.

const { S3Client } = require('@aws-sdk/client-s3');
const { createPresignedPost } = require('@aws-sdk/s3-presigned-post');

const client = new S3Client({ region: 'us-west-2' });

const params = {
  Bucket: 'example-bucket',
  Key: 'example-object',
  Expires: 60, // URL expiration time in seconds
  Conditions: [
    ['content-length-range', 0, 1048576], // 1 MB limit
  ],
};

async function generatePresignedPost() {
  try {
    const data = await createPresignedPost(client, params);
    console.log('Presigned POST URL:', data.url);
    console.log('Fields:', data.fields);
  } catch (err) {
    console.error('Error generating presigned POST URL', err);
  }
}

generatePresignedPost();

Other packages similar to @aws-sdk/s3-presigned-post

    aws-sdk

    The 'aws-sdk' package is the official AWS SDK for JavaScript. It provides a comprehensive set of tools for interacting with AWS services, including S3. While it also allows you to generate presigned URLs, it is a much larger package with broader functionality compared to @aws-sdk/s3-presigned-post, which is focused specifically on presigned POST URLs.

    s3-upload-stream

    The 's3-upload-stream' package is designed to facilitate streaming uploads to S3. It provides a writable stream that can be piped to, making it useful for handling large files or real-time data. Unlike @aws-sdk/s3-presigned-post, it does not generate presigned URLs but focuses on streaming data to S3.

    s3-presigned

    The 's3-presigned' package is a lightweight library for generating presigned URLs for S3. It supports both GET and PUT operations but does not specifically focus on presigned POST URLs like @aws-sdk/s3-presigned-post. It is a simpler alternative for basic presigned URL needs.

Readme

Source

@aws-sdk/s3-presigned-post

NPM version NPM downloads

This package provide a function generating URL and fields. Users without AWS credentials can use the URL and fields to to make a POST request to S3. The documentation for the server side feature can be found in S3 API Reference. Please read related sections for more context.

Import

JavaScript Example:

const { createPresignedPost } = require("@aws-sdk/s3-presigned-post");
const { S3Client } = require("@aws-sdk/client-s3");

ES6 Example

import { createPresignedPost } from "@aws-sdk/s3-presigned-post";
import { S3Client } from "@aws-sdk/client-s3";

Create a POST Policy

You can optionally attach a policy to a presigned post. It specifies a list of conditions that the request must meet. For example:

const Conditions = [{ acl: "bucket-owner-full-control" }, { bucket: "johnsmith" }, ["starts-with", "$key", "user/eric/"]];

Visit S3 POST documentation for supported policy elements. If you include a condition, you must specify the valid value in the Fields parameter as well. A value will not be added automatically to the fields dictionary according to the conditions.

Generate a Presigned Post

Users can generate required url and fields for POST request:

const client = new S3Client({ region: "us-west-2" });
const Bucket = "johnsmith";
const Key = "user/eric/1";
const Fields = {
  acl: "bucket-owner-full-control",
};
const { url, fields } = await createPresignedPost(client, {
  Bucket,
  Key,
  Conditions,
  Fields,
  Expires: 600, //Seconds before the presigned post expires. 3600 by default.
});

The Bucket, Key and other values in Fields must meet the conditions specified in Conditions. The Key can also contain ${filename} that will be automatically replaced by the name of the file provided. See the S3 reference for more information.

Post File using HTML Form

You can also post a file with HTML form:

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  </head>
  <body>
    <!-- Copy the 'url' value returned by createPresignedPost() -->
    <form action="URL_VALUE" method="post" enctype="multipart/form-data">
      <!-- Copy the 'fields' key:values returned by S3Client.generate_presigned_post() -->
      <input type="hidden" name="key" value="VALUE" />
      <input type="hidden" name="AWSAccessKeyId" value="VALUE" />
      <input type="hidden" name="policy" value="VALUE" />
      <input type="hidden" name="signature" value="VALUE" />
      File:
      <input type="file" name="file" /> <br />
      <input type="submit" name="submit" value="Upload to Amazon S3" />
    </form>
  </body>
</html>

Post File using FormData in Node.js

In Node.js, use form-data package to post a file:

const { createReadStream } = require("fs");
const FormData = require("form-data");

const form = new FormData();
Object.entries(fields).forEach(([field, value]) => {
  form.append(field, value);
});
form.append("file", createReadStream("path/to/a/file"));
form.submit(url, (err, res) => {
  //handle the response
});

FAQs

Package last updated on 25 Jul 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

How to Mitigate the Risks of Using Open Source Packages with Git Dependencies

Security News

How to Mitigate the Risks of Using Open Source Packages with Git Dependencies

Git dependencies in open source packages can introduce significant risks, including lack of version control, stability issues, dependency drift, and difficulty in auditing, making them potential targets for supply chain attacks.

By Sarah Gooding  -  Jul 26, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc