mod_s3_upload: use a more random prefix

This makes it significantly more difficult to enumerate the uploaded files. In addition, putting files in smaller folders mitigates S3 issues related to having too many files in a single folder.
processone · Jun 29, 2023 · 88229e9 · 88229e9
1 parent c455232
commit 88229e9
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/mod_s3_upload/src/mod_s3_upload.erl b/mod_s3_upload/src/mod_s3_upload.erl
@@ -474,6 +474,9 @@ object_url(BucketURL, ObjectName) ->
           ObjectName :: binary().
 % generate reasonably unique sortable (by time first) object name.
 object_name(Filename) ->
-    str:format("~.36B~.36B-~s", [os:system_time(microsecond),
-                                 erlang:phash2(node()),
-                                 uri_string:quote(Filename)]).
+    <<RandomPrefix:128/big-unsigned-integer>> = crypto:strong_rand_bytes(16),
+    RandomPrefixS = str:format("~32.16.0b", [RandomPrefix]),
+    FolderName = str:substr(RandomPrefixS, 1, 2),
+    str:format("~s/~s-~s", [FolderName,
+                            RandomPrefixS,
+                            uri_string:quote(Filename)]).