@aws-sdk/s3-request-presigner - npm Package Compare versions

Comparing version 3.598.0 to 3.600.0

package.json

 {
   "name": "@aws-sdk/s3-request-presigner",
-  "version": "3.598.0",
+  "version": "3.600.0",
   "scripts": {
@@ -34,3 +34,3 @@ "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
   "devDependencies": {
-    "@aws-sdk/client-s3": "3.598.0",
+    "@aws-sdk/client-s3": "3.600.0",
     "@smithy/hash-node": "^3.0.1",
@@ -37,0 +37,0 @@ "@tsconfig/recommended": "1.0.1",

README.md

@@ -94,2 +94,51 @@ # @aws-sdk/s3-request-presigner
 
+### Get Presigned URL with headers that cannot be signed
+
+By using the `getSignedUrl` with a `S3Client` you are able to sign your
+headers, improving the security of presigned url. Importantly, if you want to
+sign any `x-amz-*` headers (like the ChecksumSHA256 header in this example),
+you need to provide those headers to the set of `unhoistableHeaders` in the
+`getSignedUrl` params which will force those headers to be present in the
+upload request.
+
+```javascript
+import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
+import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
+
+const s3Client = new S3Client({ region: "us-east-1" });
+const command = new PutObjectCommand({
+  Bucket: bucket,
+  Key: key,
+  ChecksumSHA256: sha,
+});
+
+const presigned = getSignedUrl(s3Client, command, {
+  expiresIn: expiration,
+  // Set of all x-amz-* headers you wish to have signed
+  unhoistableHeaders: new Set(["x-amz-checksum-sha256"]),
+});
+```
+
+### Get Presigned URL with headers that should be signed
+
+For headers that are not `x-amz-*` you are able to add them to the set of
+`signableHeaders` to be enforced in the presigned urls request.
+
+```javascript
+import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
+import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
+
+const s3Client = new S3Client({ region: "us-east-1" });
+const command = new PutObjectCommand({
+  Bucket: bucket,
+  Key: key,
+  ContentType: contentType,
+});
+
+const presigned = getSignedUrl(s3Client, command, {
+  signableHeaders: new Set(["content-type"]),
+  expiresIn: expiration,
+});
+```
+
 For more information, please go to [S3 SSE reference](https://docs.aws.amazon.com/AmazonS3/latest/dev/KMSUsingRESTAPI.html)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

35150

increased by4.69%

Number of lines in readme file

144

increased by51.58%

No dependency changes