Skip to content
Rails 3 direct upload to Amazon S3 using Plupload
Ruby CSS
Find file
Latest commit d79249a @iwasrobbed Update README.markdown
Failed to load latest commit information.
app Updated jQuery show method to have 'fast' in it's arguments so it wil…
config initial commit
db initial commit
doc initial commit
lib/tasks initial commit
public initial commit
script initial commit
test initial commit
vendor/plugins initial commit
.gitignore initial commit
Gemfile initial commit
Gemfile.lock initial commit
README.markdown Update README.markdown
Rakefile initial commit initial commit


Support this project via Gratipay

Updated for Rails 3 & PLUpload

This is just a sample app using Rails 3 which allows you to upload directly to Amazon S3 and bypass the Rails server entirely. This is useful for cloud hosting like Heroku which has a 30 second request timeout and resets the connection on any uploads which go over that limit.

  • Uploading: PLUpload
  • Uploading Technology: jQuery API using Flash, Google Gears, Silverlight, BrowserPlus, HTML5 to do the heavy lifting

Debugging Flash Uploaders

For debugging purposes involving Flash uploading, I would highly recommend using the WireShark tool which allows you to sniff the network traffic for XML responses sent back from Amazon S3.

Link to download WireShark:

How to install on MacOSX:

Amazon S3 will always send back an XML response to the Flash uploader and currently the uploader does nothing with it except give a vague error response which isn't helpful.

So what you have to do is first close out other items that may be using the internet at the moment (to minimize noise) and then run WireShark and capture the network traffic while you try and upload a file. You'll start to see a whole bunch of stuff show up in WireShark so go ahead and filter it out by typing "xml" into the Filter box at the top of the window. This will show only the XML responses back from S3 like this:

The one that is highlighted in that image is a 403 forbidden response which could mean that you are missing something in your Amazon S3 policy or that you have extra keys that it doesn't know about. Some uploaders actually send extra data with the request (like the name item shown) that Amazon doesn't know about so you have to tell it to accept the params with any value, which is what the blank starts-with in the policy item does:

['starts-with', '$name', ''],

Hopefully WireShark helps you solve many headaches in the future. Happy uploading!

Steps to make the example work:

  • Clone this repo and run bundle install

  • Add your S3 bucket and keys to config/amazon_s3.yml

  • For Flash: Make sure a public readable crossdomain.xml exists in the root directory of the S3 bucket you specified in config/amazon_s3.yml, with the following content (once you get it working, you should limit access to your domain to be more secure). An example can be found here

  • For Silverlight: Make sure a public readable clientaccesspolicy.xml exists in the root directory of the S3 bucket you specified in config/amazon_s3.yml, with the following content (once you get it working, you should limit access to your domain to be more secure). An example can be found here

  • Also make sure a folder named test exists in that bucket (if not, one will be created). Files will be uploaded to that folder.

  • Run the server locally or push it up to Heroku and start uploading files.

  • If you want to explore the code, the bulk of it is in the helpers/uploads_helper.rb file and then a convenient helper for using/customizing the uploader can be found in the views/uploads/new.html.haml file

Note PLUpload uses CSS to absolutely position the Flash/Silverlight objects over top of your custom "Upload" button, so if you move that button at all during the upload process the Flash/Silverlight object will still be there.

Generating a secure, time-sensitive URL for S3 objects

If you would like to generate a secure, time-sensitive URL for accessing an object after you are finished uploading the file, here is a gist file which will help you to do so:

One thing to remember is that you should be setting the ACL of the file to private when you upload it so that no one else can access it without that signed URL.


I am always open to others collaborating on this example and I welcome any pull requests. If you find any issues, please report them in the Issues area above. Thanks!!


Original Author

Nico Ritsche:

Original Blog Post

Something went wrong with that request. Please try again.