Skip to content
Create a gist now

Instantly share code, notes, and snippets.

Embed URL


Subversion checkout URL

You can clone with
Download ZIP
JQuery file upload plugin (blueimp) with NodeJs Express3 directly to Amazon S3 with public access
crypto = require("crypto")
moment = require("moment") //requires >= 1.5.0 for UTC support
exports.upload = (req, res) ->
p = policy()
s = signature(p)
res.render "main/upload"
signature: s
policy: p
uid: uuid.v1()
aws_key: AWS_KEY
aws_bucket: AWS_BUCKET
signature = (policy) ->
crypto.createHmac("sha1", AWS_SECRET).update(policy).digest("base64")
policy = () ->
s3Policy =
expiration: moment.utc().add('minutes', 30).format('YYYY-MM-DDTHH:mm:ss\\Z')
conditions: [
{ bucket: settings.aws_img_bucket }
{ acl: "public-read-write" }
{ success_action_status: '201' }
["starts-with", "$key", ""]
["starts-with", "$Content-Type", "image/"]
new Buffer(JSON.stringify(s3Policy)).toString("base64")
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="">
<!DOCTYPE html>
<script type="text/javascript" src="/js/jquery-1.8.2.min.js"></script>
<script type="text/javascript" src="/js/jquery.ui.widget.js"></script>
<script type="text/javascript" src="/js/jquery.fileupload.js"></script>
<script type="text/javascript">
$(function() {
url: 'https://{{ aws_bucket }}',
type: 'POST',
autoUpload: true,
}).bind('fileuploadsubmit', function (e, data) {
data.formData = {
"key": "${filename}",
"AWSAccessKeyId": "{{ aws_key }}",
"acl": "public-read-write",
"policy": "{{ policy }}",
"signature": "{{ signature }}",
"success_action_status": "201",
"Content-Type": data.files[0].type
<form action="/upload" method="post" enctype="multipart/form-data">
<input type="file" id="fileupload" name="file">
<input type="text" name="content-type" value="text/plain" />
<input type="submit" value="Save">

awsome, just need it.thank you.


if you are using a flash uploader, you should put a crossdomain.xml to you buckt and make it pulbic.

what's more, add a policy condition:

['starts-with', '$Filename', '']
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.