Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AmazonS3 GetPreSignedUrlRequest max Expires date

Tags:

sdk

amazon-s3

I'm generating pre-signed urls with AmazonS3 .NET SDK. They were working fine but they have stopped working now. I used to set an Expires date near to year 2038 because I wanted to make them as permanent as posible. I used 2038 because that date is an epoch date and there is the Year 2038 problem (http://en.wikipedia.org/wiki/Year_2038_problem). The SDK doesn't limit you on the date but it seems that when you access the url it gives you an Access Denied with the following message:

<Message>Invalid date (should be seconds since epoch): 2147500800</Message>

Does anyone know if there are any limits with the Expires date?

like image 577
spakinz Avatar asked Jul 09 '11 07:07

spakinz

People also ask

How long do pre-signed URLs last?

With the AWS SDKs, the maximum expiration time for a presigned URL is 7 days from the time of creation. The following example generates a presigned URL that you can give to others so that they can retrieve an object from an S3 bucket. For more information, see Sharing objects using presigned URLs.

Are pre-signed URL safe?

Anyone can use a valid presigned URL Just to make sure this is clear: if you generate a presigned URL anyone can use this, the user generating this link could use it to phish another user and let them upload an arbitrary file. So be sure you threat model properly your feature to avoid logic vulnerabilities.

When should I use Presigned URL S3?

Pre-signed URLs are used to provide short-term access to a private object in your S3 bucket. They work by appending an AWS Access Key, expiration time, and Sigv4 signature as query parameters to the S3 object. There are two common use cases when you may want to use them: Simple, occasional sharing of private files.

What is pre-signed URL?

A presigned URL gives you access to the object identified in the URL, provided that the creator of the presigned URL has permissions to access that object.

2 Answers

It looks like you already know the answer to this.

A quick test reveals that expiry dates after approximately 03:14 UTC on Tuesday, 19 January 2038 do indeed fail. You've run into the bug in the wikipedia article you linked to.

like image 87
Geoff Appleford Avatar answered Oct 14 '22 06:10

Geoff Appleford

Confirmed the issue of Year 2038 problem in AWS S3 presignedURL.

I've tested until 01-19-2038 UTC 03:00:00 and it still works.

However, to avoid time screw i choose to use 01-19-2038 UTC 00:00:00

like image 31
shooding Avatar answered Oct 14 '22 08:10

shooding
Sign in to Comment

Related questions

Android Studio Project Structure not displaying properly
Two folders are being created when i try to install HAXM
How to Display data from SQlite into Table views to iPhone app
Scrollview with paging in android
Facebook iOS SDK: How to handle SKIP button when requesting publish_actions?
Controlling touch event propagation in case of overlapping views
How to get user's information by using TikTok SDK Login?
Permutations/Anagrams in Objective-C -- I am missing something
Using Facebook Javascript SDK to get Graph Data
Where to find CabWiz.exe
Initializing an Android application

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!