HoshinoKoji/s3-presigned
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CORS support and improve error responses in fetch handler

Browse Source
This commit is contained in:
HoshinoKoji 2025-03-11 21:37:21 +08:00
parent dc05d722ea
commit 1e909f963f
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/index.js
View File

@ -14,6 +14,11 @@ export default {
async fetch(request, env, ctx) { async fetch(request, env, ctx) {
const url = new URL(request.url); const url = new URL(request.url);
const rawKey = url.pathname.slice(1); // remove leading slash const rawKey = url.pathname.slice(1); // remove leading slash
const corsHeaders = {
'Access-Control-Allow-Origin': request.headers.get('Origin'),
'Access-Control-Allow-Methods': '*',
'Access-Control-Allow-Headers': '*',
};
if (url.hostname !== '127.0.0.1' && url.protocol === 'http:') { if (url.hostname !== '127.0.0.1' && url.protocol === 'http:') {
return new Response(null, { status: 301, headers: { return new Response(null, { status: 301, headers: {
@ -21,8 +26,12 @@ export default {
}}); }});
} }
if (request.method === 'OPTIONS') {
return new Response(null, { status: 200, headers: corsHeaders });
}
if (!rawKey) { if (!rawKey) {
return new Response('Invalid key', { status: 400 }); return new Response('Invalid key', { status: 400, headers: corsHeaders });
} }
let endpoint, accessKeyId, secretAccessKey, region, bucket; let endpoint, accessKeyId, secretAccessKey, region, bucket;
@ -57,7 +66,7 @@ export default {
const pat = /^[a-zA-Z0-9]{1,64}$/; const pat = /^[a-zA-Z0-9]{1,64}$/;
if (!expId || !participantId || expId.includes('/') || !participantId.match(pat)) { if (!expId || !participantId || expId.includes('/') || !participantId.match(pat)) {
// prevent path traversal // prevent path traversal
return new Response('Invalid expId or participantId', { status: 400 }); return new Response('Invalid parameters', { status: 400, headers: corsHeaders });
} }
const client = new S3Client({ const client = new S3Client({
@ -73,6 +82,6 @@ export default {
Key: `${expId}/${participantId}/${rawKey}` Key: `${expId}/${participantId}/${rawKey}`
}); });
const signedUrl = await getSignedUrl(client, command, { expiresIn: 12*60*60 }); const signedUrl = await getSignedUrl(client, command, { expiresIn: 12*60*60 });
return new Response(signedUrl); return new Response(signedUrl, { headers: corsHeaders });
}, },
}; };