Home/ Questions/Q 8732413
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T09:26:05+00:00

I’m building a web application and am looking into using Amazon S3 to store

  • 0

I’m building a web application and am looking into using Amazon S3 to store user uploads.

My concern is, I dont want user A to see his download link for a document he uploaded is urltoMyS3/doc1234.pdf and try urltoMyS3/doc1235.pdf and get another users document.

The only way I can think of to do this, is to only allow the web application to connect to S3, then check if the user has access to a file on the web application, have the web app download the file, and then serve it to the client. The problem with this method is the application would have to download the file first and would inevitably slow the download process down for the user.

How is user files typically handled with Amazon S3? Or is it simply not typically used in a scenario where the files should not be public? Is there another service for something like this?

Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can implement Query String Authentication, which will solve your problem.

    Query string authentication is useful for giving HTTP or browser
    access to resources that would normally require authentication. The
    signature in the query string secures the request. Query string
    authentication requests require an expiration date. You can specify
    any future expiration time in epoch or UNIX time (number of seconds
    since January 1, 1970).

    • 0