Expiration needs to be set in UTC

[Prinzhorn]

The defaultExpireTime uses the local time as do the examples in the docs. If you're ahead of UTC (e.g most of Europe) the links are expired as you create them. If you're behind UTC (e.g. all of USA) the links is valid longer than you think.

aws-cloudfront-sign/lib/cloudfrontUtil.js

Line 141 in a8d5579

var defaultExpireTime = Math.round(Date.now() + 1800000);

There is not a really nice way in JavaScript without resorting to Moment.js or the like. https://stackoverflow.com/questions/948532/how-do-you-convert-a-javascript-date-to-utc

var now = new Date(); 
var nowUTC = new Date(now.getUTCFullYear(), now.getUTCMonth(), now.getUTCDate(),  now.getUTCHours(), now.getUTCMinutes(), now.getUTCSeconds());
var defaultExpireTime = Math.round(nowUTC.getTime() + 1800000);

Moment.js

moment().utc().add(1, 'day')

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html

{"AWS:EpochTime":required ending date and time in Unix time format and UTC}

[drone1]

This seems like a real issue. No updates since almost a year, though. What's the deal?

[hackash]

If you check this line

https://github.com/jasonsims/aws-cloudfront-sign/blob/master/lib/CannedPolicy.js#L10

expireTime is divided into 1000 which makes it becomes compliant UTC