The + sign is also used to encode spaces, so it needs to be url encoded....

[rufman]

... Amazon does not like other chars such as = to be encoded in the signature, so encoding the whole url doesn't work

[lukasz-madon]

:+1: yes I had the same problem problem.

"HMAC request signatures must be Base64 encoded. Base64 encoding converts the signature into a simple ASCII string that can be attached to the request. Characters that could appear in the signature string like plus (+), forward slash (/), and equals (=) must be encoded if used in a URI. For example, if the authentication code includes a plus (+) sign, encode it as %2B in the request. Encode a forward slash as %2F and equals as %3D."

You don't need to encode in js, just remove decodeURIComponent and encode whole server side. Code: https://coderwall.com/p/56a9ja

[rpavez]

Use this: signature = signature.replace(/(<([^>]+)>)/ig,""); signature = signature.replace(/+/g, "%2B"); signature = signature.replace(///g, "%2F"); signature = signature.replace(/=/g, "%3D");

[tadruj]

Can you please provide some more info in which case this doesn't work? I'll try to avoid regexp hacks if possible.