Pre-signed URLs

Pre-signed URLs allow you to grant temporary access to objects without sharing your AccessKeys. They are useful for private buckets where you want to allow a user to download or upload a specific file.

Generating a Download URL

Generate a URL that expires in 1 hour (3600 seconds).

$timeout = 3600;
$signedUrl = $ossClient->signUrl($bucket, "private-video.mp4", $timeout);

echo "Download link: " . $signedUrl;

Generating an Upload URL

You can also generate a URL that allows a client to perform a PUT request to upload a file.

$timeout = 3600;
$signedUrl = $ossClient->signUrl($bucket, "upload-here.txt", $timeout, "PUT");

// A client can now upload using:
// curl -X PUT -T "localfile.txt" "$signedUrl"

Adding Response Headers

You can override response headers (like Content-Disposition) within the signed URL.

$options = [
    'response-content-disposition' => 'attachment; filename="custom-name.zip"'
];
$signedUrl = $ossClient->signUrl($bucket, $object, 3600, "GET", $options);

Signature Versions

The URL generation logic respects the signatureVersion configured in the OssClient. Use V4 for the most robust security profile.