Cloudflare R2 Uploader

Direct browser upload to Cloudflare R2 storage, bypass official 300MB limit

R2 Configuration

1Paste S3 API Address

Copy full address from R2 Bucket → Settings → S3 API

2Fill API Tokens

Access Key ID

Secret Access Key

Upload Path (optional)

Security Tip: Config stored in sessionStorage, auto-cleared on page close.

3CORS Configuration

Add the following config in R2 Bucket → Settings → CORS Policy:

[{
  "AllowedOrigins": ["*"],
  "AllowedMethods": ["GET","PUT","POST","DELETE","HEAD"],
  "AllowedHeaders": ["*"],
  "ExposeHeaders": ["ETag"]
}]

⚠️ Must include ExposeHeaders: ["ETag"], otherwise multipart upload will fail

Upload Files

Click or drag files here

Direct upload to R2, no server relay

Supports large file upload (auto multipart), recommend max 5GB per file

Bucket Files

(0 files)

No files

Configure R2 params and click "Refresh" to view file list

Features

Powerful and secure R2 file upload solution

Direct Upload

Files upload directly from browser to R2, no server relay, faster and more secure

Bypass 300MB Limit

Using multipart upload technology, supports files exceeding official 300MB limit, max 5GB

Real-time Progress

Shows real upload progress, supports multiple files, large files auto multipart with concurrent upload

Flexible Config

Supports custom upload path, generate temporary or permanent public links

File Management

Browse bucket files, delete files, copy file links, all-in-one management

Safe & Reliable

Config only stored in browser session, auto-cleared on page close, protects your keys

FAQ

Common questions about R2 Uploader

Why can it bypass Cloudflare R2 official 300MB upload limit?

Cloudflare R2 official console 300MB limit is a web interface limit. This tool uses S3 compatible API for multipart upload, splitting large files into small chunks for parallel upload, then merging into complete file. This is a standard S3 feature, theoretically supports up to 5TB single file upload.

Is my API key safe?

Your API key is only stored in browser's sessionStorage, auto-cleared when browser tab closes. Keys are never uploaded to any server, all operations complete in your browser, communicating directly with Cloudflare R2. Recommend creating API Token with only necessary permissions, and delete after use.

Upload fails with CORS error?

Need to configure CORS policy in R2 bucket settings. Click Step 3 "View Example" button, follow the guide to configure CORS. Note that ExposeHeaders: ["ETag"] is required, otherwise multipart upload will fail.

How to get public access link for files?

Two ways: 1) Temporary link: Click copy button in file list, generate signed presigned URL, max 7 days validity; 2) Permanent link: Enable public access in R2 console, get public URL then enter in popup to generate permanent public link.

Upload speed slow or frequent timeout?

Upload speed mainly depends on your network bandwidth and latency to Cloudflare nodes. Suggestions: Check network connection stability; Avoid other large traffic operations; If using VPN, try switching nodes or disable VPN; Large files auto multipart concurrent upload, timeout auto extends based on file size.

What file types supported? Size limits?

Supports all file types, no format restrictions. Single file max recommended 5GB (S3 multipart upload actual limit is 5TB, but browser memory may be bottleneck). Can upload multiple files at once, system auto queues processing.