This repository has been archived by the owner on Oct 13, 2020. It is now read-only.

should this still be working? #12

Closed
f1-outsourcing opened this issue Feb 2, 2018 · 4 comments

Comments

@f1-outsourcing

f1-outsourcing commented Feb 2, 2018

I just cloned this, but it does nothing. E.g. sha1 is not being used anymore, is it?

@CtrlC-Root
Contributor

The sha1.js script needs to be included before you include the s3commander.js script in any page where you want to use this. It seems to be working for me. Is there a specific problem you're having?

@f1-outsourcing
Author

I git cloned the s3commander project, did not change anything, and just tried the index.html. I saw some required js files were already included, so I assumed I do not need to change anything.
If I press the connect button, nothing happens; I even checked whether any TCP packets went out, with tcpdump on the custom endpoint.

This is what firefox says:

You are using the in-browser JSX transformer. Be sure to precompile your JSX for production - http://facebook.github.io/react/docs/tooling-integration.html#jsx
JSXTransformer-0.12.2.js:318:3
Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.

@CtrlC-Root
Contributor

CtrlC-Root commented Feb 15, 2018

Ok, after testing some more I have discovered a few issues that might prevent someone from using this. I don't think these are the issues you were running into, but I wanted to document them here and make you aware I'm working on fixing them.

  • Buckets created after a certain date and outside of US East or US Central now require HTTP API requests to use the newer V4 signing mechanism (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html). Currently s3commander only implements V2, which still works fine with the GovCloud region, or the bucket I created years ago and which I was testing with.
  • The index.html file needs to be loaded over the http or https protocols for CORS to work.
  • You need to configure the S3 bucket with a CORS policy that allows the relevant origin and headers (see below).

This is the CORS policy I'm using for testing purposes, but obviously in production you would want to explicitly specify the allowed hosts and headers (i.e. Authorization):

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

I'm going to work on adding support for both signing methods to s3commander. Then I'll update the README.md file to better describe how to host the index.html file locally for testing.

On top of all that, some browsers (like Firefox) will sometimes issue warnings because they think you're signing in to a site over http. Of course, once the HTML and JavaScript are loaded, the browser only ever talks to the AWS S3 API and it does so over HTTPS (unless your bucket has a '.' in the name and therefore doesn't support HTTP; a warning will be printed in the console when this happens), so it's secure. Of course the browser doesn't know that. But we don't have the resources to test this across all (browser x platform) combinations, so I think fixing those issues falls to the end-user.
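As an added example (not part of the thread and not s3commander code), the sketch below audits a CORS configuration like the testing policy quoted above for the wildcard settings the comment says to replace in production. The restricted policy, its origin `https://files.example.com` and its header list are assumptions made for illustration.

```javascript
// Added example. Both policies are embedded so the check runs offline.
// WILDCARD_POLICY mirrors the testing policy quoted in the comment above.
const WILDCARD_POLICY = `<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
  <AllowedOrigin>*</AllowedOrigin>
  <AllowedMethod>GET</AllowedMethod><AllowedMethod>PUT</AllowedMethod>
  <AllowedMethod>POST</AllowedMethod><AllowedMethod>DELETE</AllowedMethod>
  <MaxAgeSeconds>3000</MaxAgeSeconds>
  <AllowedHeader>*</AllowedHeader>
</CORSRule></CORSConfiguration>`;
// Constructed sample: the origin and the header list are assumptions.
const RESTRICTED_POLICY = `<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
  <AllowedOrigin>https://files.example.com</AllowedOrigin>
  <AllowedMethod>GET</AllowedMethod><AllowedMethod>PUT</AllowedMethod>
  <MaxAgeSeconds>3000</MaxAgeSeconds>
  <AllowedHeader>Authorization</AllowedHeader>
  <AllowedHeader>Content-Type</AllowedHeader>
  <AllowedHeader>x-amz-date</AllowedHeader>
</CORSRule></CORSConfiguration>`;

// Regex extraction suits this flat schema; it is not a general XML parser.
function values(xml, tag) {
  const re = new RegExp(`<${tag}>\\s*([^<]*?)\\s*</${tag}>`, "g");
  return Array.from(xml.matchAll(re), (m) => m[1]);
}

// Returns one finding per weak setting in each CORSRule.
function auditCors(xml) {
  const findings = [];
  const rules = xml.match(/<CORSRule>[\s\S]*?<\/CORSRule>/g) || [];
  rules.forEach((rule, i) => {
    const origins = values(rule, "AllowedOrigin");
    const writes = values(rule, "AllowedMethod")
      .filter((m) => ["PUT", "POST", "DELETE"].includes(m));
    if (origins.includes("*")) {
      findings.push(`rule ${i}: AllowedOrigin is *, so every origin passes the CORS check`);
      if (writes.length) findings.push(`rule ${i}: wildcard origin also allows ${writes.join(", ")}`);
    }
    for (const o of origins.filter((o) => o.startsWith("http://")))
      findings.push(`rule ${i}: origin ${o} is served without TLS`);
    if (values(rule, "AllowedHeader").includes("*"))
      findings.push(`rule ${i}: AllowedHeader is *, list the needed headers instead`);
  });
  return findings;
}

console.log(auditCors(WILDCARD_POLICY), auditCors(RESTRICTED_POLICY));
```
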

@CtrlC-Root
Contributor

@f1-outsourcing Well, we're in the process of rewriting the project in AngularJS and switching to the official AWS SDK. There's still some functionality missing, so it will be a few more PRs before we make another release, but all the basics are implemented (creating / deleting folders, uploading / deleting files, showing file versions). Feel free to play around with it from the master branch if you want. I'm going to close this issue now.
