Lock the distination filename key for a given user

[tremby]

I may be missing something, but it doesn't look like the upload destination (S3 key) is enforced at all. Am I right that a user given a signature by this could upload to any location in the S3 bucket, as far as it's allowed by the bucket policy?

Would a user then be able to overwrite a file uploaded by another user?

What would it take to give a user a particular location they're allowed to upload to, such that they can't change this without requesting another signing key?

[abuisine]

I confirm that the current implementation does not allow to limit an upload to a particular filename.
You can mitigate this with strict policies on amazon.
I will try to have a look as I got the same need :P

[tremby]

Evaporate (https://github.com/TTLabs/EvaporateJS) solves this particular issue by doing all signing on the server side. I've been using that package. I can see that doing all the signing on the client side would lessen the load on the application server significantly, but for me having a malicious user able to change the upload destination is a dealbreaker. I wonder if there would be any way to produce a new policy on the server side for a particular upload which allows uploading to only a particular key (which could also be dictated or enforced by the server side in the same call), and signing this policy for the client side to then use?