I am working with Amazon S3 on a HTML5 CORS file uploader. It’s working well, but I have still a very strange thing which is happening.
Before the PUT request to send the file, the browser always sends an OPTIONS request, which fails with a 403 FORBIDDEN error code.
But the file is correctly transferred to S3 so what’s happening ?
I tried to solve my problem by enabling all the HTTP methods, but it hasn’t worked.
Here are the headers I am using for the PUT request:
AWSAccessKeyId:XXXXXXXXXXXXXXXXXXXXXX
Expires:1347882643
Signature:YYYYYYYYYYYYYYYYYYYYY
And some code stuff :
var xhr = new XMLHttpRequest();
// bind the event listener
xhr.upload.addEventListener("progress", progress_listener, false);
// open the XMLHttpRequest
xhr.open('PUT', signed_url, true);
// when the upload is completed call the callback function if supplied
xhr.onload = function(e) {
if(typeof callback == "function") {
callback(this.status == 200, file.name, file_id);
confirm_upload_success(file_id);
}
};
// start sending
xhr.send(file);
EDIT: This bug has been fixed by Amazon 🙂
Carl@AWS / Sep 28, 2012 2:56 PM:
The problem you describe is an Amazon bug: It turns out that S3 is currently authenticating the OPTION call that is made in “preflight” for CORS and that fails (probably because the auth has been signed with for a PUT request not an OPTION request).
It’s already on their radar as you can see here: CORS works with public data, but fails to work with pre-signed request
Carl@AWS / Sep 5, 2012 1:00 PM:
So just ignore it and they’ll fix it.