You can clone with
HTTPS or Subversion.
I'd like to add Content-Disposition: attachment to all uploaded files so that if the download link is visited, browsers are forced to download the file.
For example if you hit the download URL for an mp3 without Content-Disposition: attachment, Chrome will just stream the mp3 in the browser. But if you set Content-Disposition: attachment, Chrome will download the file.
Also interested. Did you sort this out?
A quick glance at the s3 doc shows that you can pass a "Content-Disposition" field with direct uploads. So you may be able to add/remove this field from the form at runtime by inspecting the filename of the uploaded file. Perhaps in the jquery file upload "add" callback?
Okay got it working.
In the Rails s3_uploader_form I added <%= hidden_field_tag 'Content-Disposition', 'attachment' %>
<%= hidden_field_tag 'Content-Disposition', 'attachment' %>
Then in config/initializers/s3_direct_upload.rb, I monkey patched the policy_data method. After the Content-Type line I added ["starts-with","$Content-Disposition",""],
Note that this means S3 will always expect the Content-Disposition field on every request. If you remove the hidden field, S3 will reject your requests because you're not providing all the fields you promised in the policy.
This isn't the best solution, but it solves my problem for now.
Here is my full initializer:
S3DirectUpload.config do |c|
c.access_key_id = Settings.aws.s3_key
c.secret_access_key = Settings.aws.s3_secret
c.bucket = Settings.aws.s3_bucket
["starts-with", "$utf8", ""],
["starts-with", "$key", ""],
["starts-with", "$x-requested-with", ""],
["content-length-range", 0, @options[:max_file_size]],
Thanks! Worked for me as well.