

Direct Multipart Uploads to S3 in Rails - mgillett
http://blog.bitcast.io/post/43001057745/direct-multipart-uploads-to-s3-in-rails

======
simpletouch
I've tried looking for something exactly like this before to no avail. Really
awesome assuming it can deliver!

That said, being more transparent in the Readme on Github about the browsers
that are currently supported and that plan to be supported would be
appreciated. Blob is only Chrome 21+, Firefox 13+ and IE 10+ according to MDN
(<https://developer.mozilla.org/en-US/docs/DOM/Blob>), and judging by the
"FileBlob API is not supported" comment under the TODO section, there isn't
any backwards compatibility yet. How far back are you planning on supporting?

~~~
mgillett
Really glad you find it useful, and you're completely right that I need a
section on compatibility. The nice thing is that for browsers that don't
support Blobs, Amazon allows you to just upload the file as one giant chunk
with the same multipart API. I'm not absolutely sure yet (I still need to do
some testing), but this should mean that browsers versions as far back as IE 5
will work - only basic XHR compatibility will be required to function. I'm
planning on covering as many browsers as possible, I just haven't found a
great way to go about this yet. Is there a better option than
<http://spoon.net/browsers/>?

~~~
lukes386
I would also look at <http://testling.com/> and <https://saucelabs.com/>. Not
sure which is best for this kind of testing, but those are two more I'm aware
of.

------
jonny_eh
This looks like a very useful gem, I wish I found it a week ago!

I ended up using filepicker.io, and am quite happy with that now. But this gem
could be good for people that don't want to rely on a third-party (although I
still recommend trying filepicker.io)

------
matthuggins
I'm sure this is more a question about S3 than the gem itself, but can you
provide any info about security risks, who can upload, where they can upload
to, etc.? e.g.: what's to stop someone from uploading a ton of files to your
bucket if they have direct access to it?

~~~
_neil
I'm not sure with this library, but with other solutions you have a handshake
endpoint on your server which creates a time-limited, single use token. The
browser hits your server which then creates a key on S3 and sends it back to
the client. The client can then use said key to upload on S3. Might be good to
use SSL along with this.

------
amalag
Congratulations on this gem. This is a need that was not filled. I had thought
about this, but our requirements changed.

BTW, the text does not scale up. And anyone have the name of the website that
reformats a page with good CSS, just for future reference.

~~~
RansomJac
Readability?

~~~
amalag
Readability seems to require a login and an account, etc. There is one that
you can just paste the URL and it displays it with different CSS and
formatting. I should have bookmarked it.

