A web app I am working on requires users to be authenticated before it will sign uploads to s3.
The upload-signing endpoint uses cookie-based authentication.
Therefore, I propose sending cookies with the GET request to the signing endpoint.
I considered making it a configurable option to send cookies or not, but decided to have it always send cookies since users of this library control the server endpoint and will probably have their app SSL-secured in production.
A web app I am working on requires users to be authenticated before it will sign uploads to s3. The upload-signing endpoint uses cookie-based authentication.
Therefore, I propose sending cookies with the GET request to the signing endpoint.
I considered making it a configurable option to send cookies or not, but decided to have it always send cookies since users of this library control the server endpoint and will probably have their app SSL-secured in production.
Thanks, Aaron