Did it another way. I just named all my custom fields in the form x-ignore-* and then I also have an x-ignore-post-upload-url which is the action my form submit ultimately goes to. So, when the xhr request completes sending the file to AWS, I do an ajax call to that action and include my form fields as data in the xhr request to my controller.
In other words, not using the allow_any policy at all.
Edited by: JasonSr on Apr 23, 2020 6:29 AM
How to create Signature V4 authentication header when uploading files as multipart/form-data in REST API of API Gateway?asked 7 months ago
Whitelist fields in direct POST without requiring them to be in the formasked 2 years ago
Trouble in node.js sending data from html form to the server.asked 5 months ago
Serverless web formasked 9 months ago
Textract Form data + Raw dataasked 3 months ago
Cannot create resource group - Blocked form submissionasked 2 years ago
Can we form AWS Transit Gateway attachments using <1Gbps hosted DX?Accepted Answerasked 3 years ago
The authorization mechanism you have provided is not supported...asked 3 years ago
I get the error - The input you provided is invalid - when submitting SES production request formasked 8 months ago
Presigned POST File Submission Invalid JSONasked 5 years ago