Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support FormPost for uploading directly from the browser #43

robert-bor opened this issue Jul 30, 2013 · 0 comments

Support FormPost for uploading directly from the browser #43

robert-bor opened this issue Jul 30, 2013 · 0 comments


Copy link

@robert-bor robert-bor commented Jul 30, 2013


It is possible to upload a file directly from the browser to the ObjectStore using FormPost. This is the code in the HTML:

<form action="" method="POST"
    <input type="hidden" name="redirect" value="" />
    <input type="hidden" name="max_file_size" value="104857600" />
    <input type="hidden" name="max_file_count" value="10" />
    <input type="hidden" name="expires" value="1375255337" />
    <input type="hidden" name="signature" value="c264da6ff7910a6a161e2da4b546c3aeee1a3d9a" />
    <input type="file" name="file1" /><br />
    <input type="submit" />

Technical background

JOSS must be capable of generating the signature for FormPost on the basis of the following parameters:

  • path (same mechanism as TempURL)
  • redirect
  • max_file_size
  • max_file_count
  • expires (same mechanism as TempURL)

I got it working in a test setup with this configuration:

path: /v1/AUTH_0fef7424e0f44779abf6e98d0bae9874/installables
max_file_size: 104857600
max_file_count: 10
expires: 1375255337
signature: c264da6ff7910a6a161e2da4b546c3aeee1a3d9a

This python code helps in determining the signature:

import hmac
from hashlib import sha1
from time import time
print '============'
path = '/v1/AUTH_0fef7424e0f44779abf6e98d0bae9874/installables'
print 'path: '+path
redirect = ''
print 'redirect: '+redirect
max_file_size = 104857600
print 'max_file_size: '+str(max_file_size)
max_file_count = 10
print 'max_file_count: '+str(max_file_count)
expires = int(time() + 86400)
print 'expires: '+str(expires)
key = '********'
hmac_body = '%s\n%s\n%s\n%s\n%s' % (path, redirect,
    max_file_size, max_file_count, expires)
signature =, hmac_body, sha1).hexdigest()
print 'signature: '+signature

Note that the official documentation places a '/' at the end of path. This doesn't work.


@ghost ghost assigned robert-bor Jul 30, 2013
robert-bor added a commit that referenced this issue Jul 30, 2013
@robert-bor robert-bor closed this Jul 30, 2013
katta pushed a commit to twxkit/joss that referenced this issue Oct 6, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.