1

I have the following PHP generated.

$policy = base64_encode(json_encode(array("maxsize"=>1, 'path'=>'tmp/', 'expiry'=>strtotime("+5 minutes"), 'extension'=>'.pdf', 'call'=>array('pick','store'))));
$sig = hash_hmac('sha256', $policy, FILEPICKER_SECRET);

It is correct because when I turned on security, it did not complain wrong signature. The filepicker codes as below.

filepicker.pick(
                {policy: policy, signature:signature},
                function(fpfiles) {
                    console.log(fpfiles);
                }
            );

Now nothing seems to work. 1) all types of files can be uploaded 2) uploaded files does not resides in 'tmp' folder in s3 3) all file size can be uploaded

What am I missing here?

4

1 回答 1

0

filepicker.io 策略不设置对话框的行为,只验证它。如果你想控制文件扩展名和路径,你应该在 filepicker.pick() 调用中指定这些参数。有关详细信息,请参阅https://developers.filepicker.io/docs/security/ 。

于 2013-04-17T03:01:40.957 回答