All geek questions in one place

File upload in case of HTTP 307

I am writing a Spring controller that processes an HTTP PUT request from a client and generates a pre-signed S3 URL and issues HTTP code 307 (tempo redirect). So basically I authenticate the client, and if he succeeds, I ask him to write the s3 folder. The client can write in the signed location URL.

Now I'm worried that the client will have to do the download twice. Once to my application server, and then to s3, so the operation will take twice the time.

As far as I understand, is the client actually making 2 entries in this case? Or is the client smart enough and just pushes part of the payload first, and if he succeeds, then pushes the whole payload?

I read about the status of the HTTP 100 code, but it looks like the application server / tomcat already issues it and is not in my control.

Here is my spring controller

@RequestMapping("/upload") public ResponseEntity<Void> execute(HttpServletRequest request) throws IOException, ServletException { HttpHeaders headers = new HttpHeaders(); String redirectUrl = getRedirectUrl(requestURI, request.getMethod()); headers.setLocation(new URI(redirectUrl)); ResponseEntity<Void> redirectEntity = new ResponseEntity<Void>(null,headers,HttpStatus.TEMPORARY_REDIRECT); return redirectEntity; }

How can I prevent a client from downloading all the payload to the application server?

+5
source share
2 answers

So is my understanding right?

The answer is YES. The server will send a PUT request response after reading the full request, including the body. when the client repeats the request, in response to 307 ( Temporary Redirect ), it will look like a new HTTP request.

Also, for this approach, an important point should be considered when using the 307 response code from the specification (see below).

If the status code 307 is received in response to a request from a different user than GET or HEAD, the user agent MUST NOT automatically redirect if it cannot be confirmed by the user, as this may change the conditions under which the request was sent.

At the point

How can i prevent client from uploading the entire payload to my app server? You can download to s3 in the background from your controller and return a redirect response (301?) To a URL that will return the status of the download request.

+2
source

It just does not work HTTP, HTTP does not have a mechanism to stop downloading a file, except to close the connection, but if you close the connection you cannot return the redirection information. If you want the client to boot directly to S3, you need to do this in two steps.
Ask the client to request the URL to transfer the file, and then ask them to initiate the transfer with the desired URL.

+1
source

Source: https://habr.com/ru/post/1267305/

More articles:


All Articles