Hello guys, I'm trying to upload an image via http but I always get a 400 response.
Is anyone of you good enough to see why its not well-formed multipart?
Thanks in advance
Form data sent as multipart/form-data:
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="x-amz-date"
[[AMZ_DATE]]
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="x-amz-credential"
[[AMZ_CRED]]
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="x-amz-algorithm"
[[AMZ_ALGO]]
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="x-amz-signature"
[[AMZ_SEG]]
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="Content-Type"
image/jpeg
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="policy"
[[AMZ_POLICY]]
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="x-amz-meta-user-id"
[[AMZ_UID]]
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="key"
[[AMZ_KEY]]
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="acl"
public-read
-----------------------------[[BOUNDARY]]
Content-Disposition: form-data; name="file"; filename="blob"
Content-Type: image/jpeg
[[BASE64]]
-----------------------------[[BOUNDARY]]--
Header:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: [[STRING_LENGTH]]
Referer: https://xxx.com/
Origin: https://xxx.com
DNT: 1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-GPC: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Request:
Url: https://xxx-images.s3.amazonaws.com/
Method: POST
Sec-Fetch-Dest: empty
Referer: https://xxx.com/
Origin: https://xxx.com
Content-Length: 10763
Pragma: no-cache
Sec-GPC: 1
Accept-Language: en-US,en;q=0.5
Sec-Fetch-Mode: cors
DNT: 1
Connection: keep-alive
Accept: application/xml, text/xml, */*; q=0.01
Sec-Fetch-Site: cross-site
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0
Content-Type: multipart/form-data; boundary=---------------------------072844774220120808528417829115
Accept-Encoding: gzip, deflate, br
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="x-amz-date"
20231106T203936Z
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="x-amz-credential"
AKIATCWUO4LBDLIMPFKB/20231106/us-east-1/s3/aws4_request
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="x-amz-algorithm"
AWS4-HMAC-SHA256
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="x-amz-signature"
17d367c71d14e83f47c7b44329c85f0378149f98340232287c715efd82e3574a
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="Content-Type"
image/jpeg
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="policy"
eyJleHBpcmF0aW9uIjoiMjAyMy0xMS0wNlQyMTozOTozNloiLCJjb25kaXRpb25zIjpbWyJlcSIsIiRrZXkiLCJ2aXN1YWxzLTAwMTMyMzMyMTM1Ny1SUXQ0S2Itb3JpZ2luYWwuanBnIl0sWyJlcSIsIiRhY2wiLCJwdWJsaWMtcmVhZCJdLFsiZXEiLCIkYnVja2V0Iiwic291bmRjbG91ZC1pbWFnZXMiXSxbImVxIiwiJENvbnRlbnQtVHlwZSIsImltYWdlL2pwZWciXSxbImVxIiwiJHgtYW16LWNyZWRlbnRpYWwiLCJBS0lBVENXVU80TEJETElNUEZLQi8yMDIzMTEwNi91cy1lYXN0LTEvczMvYXdzNF9yZXF1ZXN0Il0sWyJlcSIsIiR4LWFtei1kYXRlIiwiMjAyMzExMDZUMjAzOTM2WiJdLFsiZXEiLCIkeC1hbXotYWxnb3JpdGhtIiwiQVdTNC1ITUFDLVNIQTI1NiJdLFsiY29udGVudC1sZW5ndGgtcmFuZ2UiLCIxIiwiMjA5NzE1MiJdLFsiZXEiLCIkeC1hbXotbWV0YS11c2VyLWlkIiwiMTMyMzMyMTM1NyJdXX0=
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="x-amz-meta-user-id"
1323321357
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="key"
visuals-001323321357-RQt4Kb-original.jpg
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="acl"
public-read
-----------------------------072844774220120808528417829115
Content-Disposition: form-data; name="file"; filename="blob"
Content-Type: image/jpeg
iVBORw0KGgoAAAANSUhEUgAACw0AAAJhCAIAAAA2ASpnAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAGdYAABnWARjRyu0AABkRSURBVHhe7doBAQAACMMg+5e+QQY5uAEAAAAAAAAANHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAAVHgSAAAAAAAAAECFJwEAAAAAAAAANGwPiR+D18kowTAAAAAASUVORK5CYII=
-----------------------------072844774220120808528417829115--
Response:
Url: https://xxx-images.s3.amazonaws.com/
Status: 400
Access-Control-Allow-Origin: https://xxx.com
Access-Control-Allow-Methods: POST, PUT
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 5CX0XH05KESCD5VJ
x-amz-id-2: rp50pyCwHbtW8vDmxdnPaVwFTTW0VtPA4JzXTavvmJbR8EWW7lOO5uPvvg2qkaUz0q7DpVGn0PuMf4MHr+RB/Q==
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Mon, 06 Nov 2023 20:39:37 GMT
Server: AmazonS3
Connection: close
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>MalformedPOSTRequest</Code><Message>The body of your POST request is not well-formed multipart/form-data.</Message><RequestId>5CX0XH05KESCD5VJ</RequestId><HostId>rp50pyCwHbtW8vDmxdnPaVwFTTW0VtPA4JzXTavvmJbR8EWW7lOO5uPvvg2qkaUz0q7DpVGn0PuMf4MHr+RB/Q==</HostId></Error>
T
@basmail said in Upload image via multipart/form-data:
Hello guys, I'm trying to upload an image via http but I always get a 400 response.
Is anyone of you good enough to see why its not well-formed multipart?Thanks in advance
Form data sent as multipart/form-data:
Use the constructor
@Fox said in Upload image via multipart/form-data:
Use the constructor
Tried it, its not sending the full request somehow, here is the constructed request:
"x-amz-date",[[AMZ_DATE]],"x-amz-credential",[[AMZ_CRED]],"x-amz-algorithm",[[AMZ_ALGO]],"x-amz-signature",[[AMZ_SEG]],"Content-Type","image/jpeg","policy",[[AMZ_POLICY]],"x-amz-meta-user-id",[[AMZ_UID]],"key",[[AMZ_KEY]],"acl","public-read","file","base64://" + [[BASE64]]
Full post request from the HTTP Sniffer:
Content-Type: multipart/form-data; boundary=nlhmpcbxogehtvgecwbtlpmodwklktxbykkxobzj
Accept: */*
--nlhmpcbxogehtvgecwbtlpmodwklktxbykkxobzj
Content-Disposition: form-data; name="x-amz-date";
20231107T133536Z
--nlhmpcbxogehtvgecwbtlpmodwklktxbykkxobzj
Content-Disposition: form-data; name="x-amz-algorithm";
AWS4-HMAC-SHA256
--nlhmpcbxogehtvgecwbtlpmodwklktxbykkxobzj
Content-Disposition: form-data; name="file"; filename="file.jpg"
Content-Type: image/jpeg
�PNG
Response:
<Error><Code>InvalidArgument</Code><Message>Bucket POST must contain a field named 'key'. If it is specified, please check the order of the fields.</Message><ArgumentName>key</ArgumentName><ArgumentValue></ArgumentValue><RequestId>CHQ6WT90FB9XJ6X0</RequestId><HostId>mHsNNdpEvGeU7iU5HO7FQoNTwC8gwCklmMaE3Ap7sm1Z0BG7kr6fF9LsMiryRYFwwg6SJ+OYJbfIlE1DuErT08tNHt9u7OJZ</HostId></Error>
Any idea why this happens?
Thanks
@basmail said in Upload image via multipart/form-data:
Any idea why this happens?
Sniff the requests from the browser and from the BAS, then compare them. This way you can find the cause.
@Fox said in Upload image via multipart/form-data:
@basmail said in Upload image via multipart/form-data:
Any idea why this happens?
Sniff the requests from the browser and from the BAS, then compare them. This way you can find the cause.
Yes I did this already, but BAS is just not sending the full request?? Of 10 parameters only 3 are sent?
If you look at the constructed request and compare it to the sent post request you will notice the difference.
Is there any way to fix this?
@basmail said in Upload image via multipart/form-data:
@Fox said in Upload image via multipart/form-data:
@basmail said in Upload image via multipart/form-data:
Any idea why this happens?
Sniff the requests from the browser and from the BAS, then compare them. This way you can find the cause.
Yes I did this already, but BAS is just not sending the full request?? Of 10 parameters only 3 are sent?
If you look at the constructed request and compare it to the sent post request you will notice the difference.
Is there any way to fix this?
Sometimes the sniffer BAS may not show all the data it sends. Try using Fiddler to analyze the BAS request and analyze the browser request
@Fox said in Upload image via multipart/form-data:
Sometimes the sniffer BAS may not show all the data it sends. Try using Fiddler to analyze the BAS request and analyze the browser request
Dont have to do this because the post response is "Bucket POST must contain a field named 'key'. If it is specified, please check the order of the fields."
Its just not getting sent.
Seems to be a BAS Bug then?!
@basmail said in Upload image via multipart/form-data:
@Fox said in Upload image via multipart/form-data:
Sometimes the sniffer BAS may not show all the data it sends. Try using Fiddler to analyze the BAS request and analyze the browser request
Dont have to do this because the post response is "Bucket POST must contain a field named 'key'. If it is specified, please check the order of the fields."
Its just not getting sent.Seems to be a BAS Bug then?!
OK, you don't have to do what I say
Which site and which query are we talking about specifically? You can send it in private messages.
@Fox said in Upload image via multipart/form-data:
Sometimes the sniffer BAS may not show all the data it sends. Try using Fiddler to analyze the BAS request and analyze the browser request
But the constructed request looks like this:
"x-amz-date",[[AMZ_DATE]],"x-amz-credential",[[AMZ_CRED]],"x-amz-algorithm",[[AMZ_ALGO]],"x-amz-signature",[[AMZ_SEG]],"Content-Type","image/jpeg","policy",[[AMZ_POLICY]],"x-amz-meta-user-id",[[AMZ_UID]],"key",[[AMZ_KEY]],"acl","public-read","file","base64://" + [[BASE64]]
Does anyone know why there is so much missing in the request?
@basmail said in Upload image via multipart/form-data:
@Fox said in Upload image via multipart/form-data:
Sometimes the sniffer BAS may not show all the data it sends. Try using Fiddler to analyze the BAS request and analyze the browser request
But the constructed request looks like this:
"x-amz-date",[[AMZ_DATE]],"x-amz-credential",[[AMZ_CRED]],"x-amz-algorithm",[[AMZ_ALGO]],"x-amz-signature",[[AMZ_SEG]],"Content-Type","image/jpeg","policy",[[AMZ_POLICY]],"x-amz-meta-user-id",[[AMZ_UID]],"key",[[AMZ_KEY]],"acl","public-read","file","base64://" + [[BASE64]]Does anyone know why there is so much missing in the request?
open the request completely, make sure that there is no data being sent after the image data
@basmail said in Upload image via multipart/form-data:
wtf you are right, there is data after the image?
How is it possible to prevent this wrong order?
The server should accept data in any order, are you sure there are no more differences and the problem is only in the order of the data?
@Fox said in Upload image via multipart/form-data:
The server should accept data in any order, are you sure there are no more differences and the problem is only in the order of the data?
Everything else is the same, only the order is different when using constructed requests.
I mean the response is even "Bucket POST must contain a field named 'key'" but when you look at the image its here:
Before I grabbed the same value:
Even when I'm sending a invalid random key its the same response
