文件上传直连OSS不损失安全的一种实现方式 || A way to upload files directly to OSS without losing security #275
Description
这个issue是issue #104 的延伸
目前的实现是先把图片上传到服务器,服务器再上传到 oss,我觉得需要实现一下客户端直传OSS,可以用环境变量来选择是否启用。关于安全性的问题可以用AWS S3协议中的预签名 URL 来上传对象,官网文档中该链接的内容。适当限制该预签名URL的权限就不会造成安全问题。比如在memos项目中就是客户端直传,这个功能还是有必要的。不然带宽占用要翻倍,有点浪费资源了。
This issue is an extension of issue #104
The current implementation is to upload the image to the server first, and then the server uploads it to oss. I think it is necessary to implement direct transfer of the client to OSS. You can use environment variables to choose whether to enable it. Regarding security issues, you can use the pre-signed URL in the AWS S3 protocol to upload objects. In the official website documentation [this link](https://docs.aws.amazon.com/zh_cn/AmazonS3/latest/userguide/using-presigned -url.html). Properly restricting the permissions of the pre-signed URL will not cause security issues. For example, in the memos project, it is client-side direct transmission. This function is still necessary. Otherwise, the bandwidth usage will be doubled, which is a bit of a waste of resources.