MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-01-11 15:03:22 -05:00
Code Issues Packages Projects Releases Wiki Activity

signv4: Validate preSigned payload properly. (#2106)

Browse Source 
We need to only validate presigned payload only
if the payload is requested for, with default payload
i.e 'UNSIGNED-PAYLOAD' we don't need to validate.

Fixes #2105
This commit is contained in:
Harshavardhana 2016-07-05 21:00:20 -07:00 committed by GitHub
parent 44ae7a037b
commit 7bde27032d
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
signature-v4.go
View File

@ -217,7 +217,8 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, validate
}
// Hashed payload mismatch, return content sha256 mismatch.
if hashedPayload != req.URL.Query().Get("X-Amz-Content-Sha256") {
contentSha256 := req.URL.Query().Get("X-Amz-Content-Sha256")
if contentSha256 != "" && hashedPayload != contentSha256 {
return ErrContentSHA256Mismatch
}
@ -238,7 +239,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, validate
// Construct new query.
query := make(url.Values)
if req.URL.Query().Get("X-Amz-Content-Sha256") != "" {
if contentSha256 != "" {
query.Set("X-Amz-Content-Sha256", hashedPayload)
}