IF everything is stored somewhere on the client (including keys), what prevents someone malicious from borrowing the same keys to wreck havoc on your S3 bucket?
The other key concept is that after some clients upload to a specific sub path area that is authorized for uploads, the clients can use a query string option on a GET request to list out files in that area. I suppose the website owner could have one or more administrative javascript sessions running that will periodically poll this area as just described, to process the data and upload a more compact listing for clients to retrieve.
If it's read-only, no harm. Add write abilities and he's in deep trouble. But from what I gathered (he seems to be using only GET except for admin), the site is read-only.
The consumer facing side requires no access keys so he's good. The admin side does however, so the assumption is that only a select few (one person really) is responsible for administration.
You could add SimpleDB to the mix to store hash data using similar practices.
Pretty cool imho. Libraries like jquery can easily be used to create the C in MVC anyways. Model in SimpleDB, C in Jquery, and V (plus any bin files) in S3.
It would be interesting to combine this with Google Gears for offline storage too. Tougher to create something that securely shared data between users, but for a single user this could still make some powerful apps!
This is a neat trick, but not very flexible or scalable.
Basically each user is given a presigned authorization token that lets them upload certain files to their bucket. Other users only have read access to the index. The clever trick is that the key is used to store the publicly available data like the latitude and longitude.
It works out well in his case, but it's not very useful generally.
12 comments
[ 2.5 ms ] story [ 41.4 ms ] threadThe policy dictates what can be stored in the bucket, and the signature validates the policy so folks don't tamper with it.
Here's the site in question: http://s3.amazonaws.com/broadbandwiki/broadbandwiki.html
You could add SimpleDB to the mix to store hash data using similar practices.
Pretty cool imho. Libraries like jquery can easily be used to create the C in MVC anyways. Model in SimpleDB, C in Jquery, and V (plus any bin files) in S3.
Base64 decode the policy input field on the postForm and you get:
http://doc.s3.amazonaws.com/proposals/post.html#Access_Contr...Basically each user is given a presigned authorization token that lets them upload certain files to their bucket. Other users only have read access to the index. The clever trick is that the key is used to store the publicly available data like the latitude and longitude.
It works out well in his case, but it's not very useful generally.