Google-cloud-ruby: POST Object v2/v4: error: Policy did not reference these fields: commit

Created on 15 Dec 2020  路  10Comments  路  Source: googleapis/google-cloud-ruby

Thanks for stopping by to let us know something could be better!

Environment details

Environment details
OS: MAC
Ruby version: ruby 2.4.9p362 (2019-10-02 revision 67824) [x86_64-darwin19]
Gem name and version: gem 'google-cloud-storage', '1.29.2'

ruby

V4/V2 process using Post Object throws error:

Steps to reproduce

Code example

def presigned_post(success_action_redirect:)
  conditions = [ ["starts-with", "$key", ""], {"success_action_redirect":success_action_redirect} ]

  result = self.class.bucket. generate_signed_post_policy_v4("#{inbox_prefix}#{Time.current.to_i}_${filename}", conditions: conditions, signer: gcs_signed_url(nil, nil, "POST"), issuer: ENV["GCS_SERVICE_ACCOUNT"] )
  fields = result.fields.merge!(success_action_redirect: success_action_redirect)
  result
end

FORM:
@presigned_post = presigned_post(success_action_redirect: files_processing_banker_final_qc_loan_tapes_url)
<div class="large-7 columns form-element-label">
  <form action="<%= @presigned_post.url %>" method="post" enctype="multipart/form-data">
    <% @presigned_post.fields.each do |name, value| %>
      <input type="hidden" name="<%= name %>" value="<%= value %>"/>
    <% end %>

    <div class="large-6 columns form-element-label">
      <%= label_tag :file_loan, "Choose CSV file to upload" %>
    </div>
    <div class="large-6 columns">
      <%= file_field_tag :file, id: :loan_file, class: 'tiny', accept: '.csv,.CSV' %>
    </div>

    <div class="large-6 columns form-element-label"></div>
    <div class="large-6 columns">
      <%= submit_tag 'Upload', id: 'loan_submit', class: 'button tiny' %>
    </div>
  </form>
</div>

Will pass if uploaded file Greater than 65MB
And when uploaded file less than 65MB it will fail Throwing below error:

<Error>
<Code>InvalidPolicyDocument</Code>
<Message>The content of the form does not meet the conditions specified in the policy document.</Message>
<Details>Policy did not reference these fields: commit</Details>
</Error>

For suppose if I add a policy condition with commit

conditions = [ ["starts-with", "$key", ""], ["starts-with", "$commit", ""], {"success_action_redirect":success_action_redirect}]

Then it passes for file size less than 65KB and
fails if file size is greater than 65KB with below error

<Error>
<Code>InvalidPolicyDocument</Code>
<Message>The content of the form does not meet the conditions specified in the policy document.</Message>
<Details>Missing commit</Details>
</Error>
storage question

All 10 comments

@chvreddy Can you please post the actual HTML for the form? In other words, not the ERB code with rails helpers such as:

<%= submit_tag 'Upload', id: 'loan_submit', class: 'button tiny' %>

But instead, the resulting HTML output, which should include the actual submit button with commit.

Thanks!

@quartzmo let me know if the below HTML output helps or are you looking for something else.

<form action="https://storage.googleapis.com/*" method="post" enctype="multipart/form-data">
      <input type="hidden" name="key" value="${filename}">
      <input type="hidden" name="GoogleAccessId" value="*.iam.gserviceaccount.com">
      <input type="hidden" name="signature" value="">
      <input type="hidden" name="policy" value=">
      <input type="hidden" name="success_action_redirect" value="http://localhost:3000/*">

    <div class="large-6 columns form-element-label">
      <label for="loan_tapes_file">Choose CSV file to upload</label>
    </div>
    <div class="large-6 columns">
      <input type="file" name="file" id="loan_file" class="tiny" accept=".csv,.CSV">
    </div>

    <div class="large-6 columns form-element-label"></div>
    <div class="large-6 columns">
      <input type="submit" name="commit" value="Upload" id="loan_submit" class="button tiny" disabled="">
    </div>
  </form>

I have been able to reproduce the error using the example HTML form using a policy document for Ruby. When I copy the output of the example to an HTML document, load it in the browser, select a file, and click the Upload File button, I get the following response:

<Error>
<Code>InvalidPolicyDocument</Code>
<Message>The content of the form does not meet the conditions specified in the policy document.</Message>
<Details>Policy did not reference these fields: submit</Details>
</Error>

I tried passing the submit field to generate_signed_post_policy_v4 as follows:

    fields = {
      "submit" => "Upload File"
    }
    post_object = bucket.generate_signed_post_policy_v4 "test-object", expires: 600, fields: fields

This produces a different error:

<Error>
<Code>InvalidPolicyDocument</Code>
<Message>The content of the form does not meet the conditions specified in the policy document.</Message>
<Details>Invalid exact match name: submit</Details>
</Error>

oh yeah same error as mine sine the submit tag name is commit for me whereas its submit in the example that you took
Also independent of file size are you getting this error?

I have been able to reproduce the error using the example HTML form using a policy document for Ruby. When I copy the output of the example to an HTML document, load it in the browser, select a file, and click the Upload File button, I get the following response:

<Error>
<Code>InvalidPolicyDocument</Code>
<Message>The content of the form does not meet the conditions specified in the policy document.</Message>
<Details>Policy did not reference these fields: submit</Details>
</Error>

I tried passing the submit field to generate_signed_post_policy_v4 as follows:

    fields = {
      "submit" => "Upload File"
    }
    post_object = bucket.generate_signed_post_policy_v4 "test-object", expires: 600, fields: fields

This produces a different error:

<Error>
<Code>InvalidPolicyDocument</Code>
<Message>The content of the form does not meet the conditions specified in the policy document.</Message>
<Details>Invalid exact match name: submit</Details>
</Error>

how about you try to add the submit field in the conditions as
conditions = [ ["starts-with", "$key", ""], ["starts-with", "$submit", ""]]

and add conditions to generate_signed_post_policy_v4

I observed in my testing that if you remove the name attribute from the submit button (change <input type="submit" name="commit" value="Upload" ... to <input type="submit" value="Upload" ...), the POST request succeeds.

I observed in my testing that if you remove the name attribute from the submit button (change <input type="submit" name="commit" value="Upload" ... to <input type="submit" value="Upload" ...), the POST request succeeds.

hmm, yeah that worked for me too.

Does this solution work for you? I checked this behavior with the GCS team and name in the submit input is not allowed by the service.

The only allowed form field names are listed here:

https://cloud.google.com/storage/docs/xml-api/post-object-forms#form_fields

that solution worked, created a rails helper method submit tag with name: nil and it solved the issue. Thanks!

Fantastic, that is the correct solution as far as I can tell. We appreciate this issue very much since it led to the docs samples fix in the PR linked above. Thank you!

Was this page helpful?
0 / 5 - 0 ratings