addons-server: Signing of of large google chrome extensions are failing via API

This a google chrome extension here - https://chrome.google.com/webstore/detail/mediacore-capture/enddmcjcfojolegmdogekfpfbobmkioo

I download it, and convert it to CRX. I then convert it to XPI. Both files are attached here.

Now when I try to upload this with the signing API, it takes about 10minutes and then I get 401 for “Signature expired”. I do a api request to check for this addon with https://addons.mozilla.org/api/v3/addons/enddmcjcfojolegmdogekfpfbobmkioo%40chrome-store-foxified-3826191121/versions/1.2.0.1/.

Is there anyway for the API to upload large files? This one is 20mb.

Aside - This specific addon uses NaCl so I expect it to fail the validation, but the signing API should tell us.

Attachments - Please rename the CRX.zip to .CRX and the XPI.zip to .xpi. Github wasn’t allowing me to upload them. MediaCore Capture - Version 1.2.0.1 - UNSIGNED - XPI.zip

MediaCore Capture - Version 1.2.0.1 CRX.zip

About this issue

Original URL
State: closed
Created 8 years ago
Comments: 35 (8 by maintainers)

Commits related to this issue

2.0b.rev31 * Trying to resolve the uploading taking to long issue, filed a bug - https://github.com/mozilla/addons-server/issues/2802 — committed to Noitidart/Chrome-Store-Foxified by Noitidart 8 years ago
Increase JWT token lifetime to 5 minutes. This should fix even rare problems with large and slow uploads for signing. Fixes #2802 — committed to mozilla/addons-server by EnTeQuAk 8 years ago
2.4b.rev2 * Extended timeout to 5min per https://github.com/mozilla/addons-server/issues/2802#issuecomment-252651643 — committed to Noitidart/Chrome-Store-Foxified by Noitidart 8 years ago

Most upvoted comments

It’s not the time that it takes to sign the add-on it’s the time that it takes for django to accept the upload.

I was able to reproduce this locally using a proxy that throttles the connection. Uploading without throttling works fine, throttle to take more than a minute and I get Signature has expired..

Since django doesn’t call our view until the file upload is in memory by the time we can check the JWT it is already expired.

Increasing the timeout seems the easiest. I don’t see anything on the request object that could give us the time. There’s a request._request._start_time property but it doesn’t seem to show the time that we want.

mstriemer on Sep 24, 2016