Hacker News new | past | comments | ask | show | jobs | submit login

Save files to S3.



You can do that with signed forms and similar techniques, though. No need to have the key on the client side (and lots of reasons not to).


The flow is roughly this:

1) Client: "Hey, I want to upload a file."

2) Server: "Okay, here's a temporary key good for the next <n> minutes. The file has to be named <blah> and can't be more than <x> MB long" (there are other restrictions you can set, too, IIRC)

3) Client posts the form to S3 including the temporary key as a field.

4) Result.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: