{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 爱情/是我丢掉的垃圾 的问题《AWS API signed POST request with Javascript》','https://www.manongdao.com/q-712488.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
What I'm trying to do: Ultimately: I want to populate an AWS Kinesis stream from a browser extension (Safari, Chrome). I need to send the request to AWS using a signing process (v4); this involves setting headers and encrypting them (on a distant server with the aws secret key) to finally join those to the request.
Amazon requests the header "Host" to be explicitly defined… However Javascript strictly disallow setting it (and a bunch of others, for good reasons)
I must be missing something—how can I do this?
sources: http://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html - the example is in Python but it shows how server-side they intend to use the Host header
notes: I'm currently using POST; the example's comments describing the GET and query string mention the "Host" as well: it must exist as a header in the request
also: Using a similar setup, I managed to have a file uploaded from the client directly to an S3 bucket–the autorisation process is slightly different (no requirement for 'Host').
The
Host:header is being filled in and parsed from the given URL by the JS XHR itself when you execute it, same as withcurl, e.g....will automatically add the header
Host: example.org...For AWS you'll still need to add it to the
canonical_headerslist for signing though (and in all lowercase), as described in your linked example. That part has nothing to do with actually establishing a connection though.