Your R2 presigned URL has a shorter TTL than you think — here's why (opens in new tab)

A 3600-second presigned URL expiring after 38 minutes isn't a permissions bug. It's a clock skew bug — and it took me an NTP issue on my dev laptop to finally see it clearly. R2's presigned URL validation is S3-compatible, which means expiry is calculated from the X-Amz-Date value baked into the URL at signing time — not from wall-clock time at first use. If the Worker PoP that signs the URL has a clock 30 seconds ahead of the PoP that validates the request, you silently lose 30 seconds off t...