Home Ask Login Register

Developers Planet

Your answer is one click away!

Jason McCarrell February 2016

s3 failing on preflight even with cors all methods and origins

I don't understand... it seems simple, yet it fails on the options call for the put request. "Response for preflight is invalid"


<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">

The url:


The url to s3 (keys removed):


The code to generate the put:

    Aws.config.update({accessKeyId: process.env.AWS_ACCESS_KEY, secretAccessKey: process.env.AWS_SECRET_KEY});
    var s3 = new Aws.S3();
    var s3_params = {
        Bucket: process.env.S3_BUCKET,
        Key: req.query.file_name,
        //Expires: 120,
        //ContentType:  req.query.file_type,
        ContentType: "multipart/form-data",
        ACL: 'public-read-write',
    s3.getSignedUrl('putObject', s3_params, function(err, data){
        console.log('got signed url!');
            res.status(500).json({error: err});
                signed_request: data,
                url: 'https://'+process.env.S3_BUCKET+'.s3.amazonaws.com/'+req.query.file_name

The code to make the put request:



Jason McCarrell February 2016

There are so many stupid layers to S3, but I needed to get a few things perfect:

  1. the headers needed to match exactly. Content-Type needed to be character for character the same.

  2. x-amz-acl and ACL on node need to both be set to at least public-read

  3. You need to generate a bucket policy in s3 that gives permission to your ACCESS_KEY

  4. It needs to be a PUT request [but this is something that I resolved quickly]

Notes: I created an IAM user, but then didn't use it. The IAM user didn't even work. It works fine with the public keys.

Post Status

Asked in February 2016
Viewed 1,091 times
Voted 9
Answered 1 times


Leave an answer

Quote of the day: live life