By using AWS re:Post, you agree to the Terms of Use

Whitelist fields in direct POST without requiring them to be in the form


I have a form that is doing a direct to S3 post. I have whitelisted the miscellaneous fields on the form, other than the file field, like text boxes, so that AWS won't reject the POST, using allow_any:
allow_any: %w(title description client_selectable clients[])

My problem is that fields like client_selectable (a checkbox) and clients[] (a select tag) don't send any form data if the checkbox is not checked or nothing selected in the select list. AWS appears to require that the fields I specify with allow_any to be there. I cannot understand why that is so. I can work around it with using hiddens, but it would be much cleaner if I knew how to tell AWS to allow those fields but don't require them.


Edited by: JasonSr on Apr 23, 2020 4:39 AM

asked 2 years ago19 views
1 Answer

Did it another way. I just named all my custom fields in the form x-ignore-* and then I also have an x-ignore-post-upload-url which is the action my form submit ultimately goes to. So, when the xhr request completes sending the file to AWS, I do an ajax call to that action and include my form fields as data in the xhr request to my controller.

In other words, not using the allow_any policy at all.

Edited by: JasonSr on Apr 23, 2020 6:29 AM

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions