mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
Presign V2: Unescape non-std queries in urls (#3549)
A client sends escaped characters in values of some query parameters in a presign url. This commit properly unescapes queires to fix signature calculation.
This commit is contained in:
parent
e1142e99f2
commit
95d9e47353
@ -111,13 +111,18 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
|
||||
case "Expires":
|
||||
expires, err = url.QueryUnescape(keyval[1])
|
||||
default:
|
||||
filteredQueries = append(filteredQueries, query)
|
||||
unescapedQuery, qerr := url.QueryUnescape(query)
|
||||
if qerr == nil {
|
||||
filteredQueries = append(filteredQueries, unescapedQuery)
|
||||
} else {
|
||||
err = qerr
|
||||
}
|
||||
}
|
||||
// Check if the query unescaped properly.
|
||||
if err != nil {
|
||||
errorIf(err, "Unable to unescape query values", queries)
|
||||
return ErrInvalidQueryParams
|
||||
}
|
||||
}
|
||||
// Check if the query unescaped properly.
|
||||
if err != nil {
|
||||
errorIf(err, "Unable to unescape query values", queries)
|
||||
return ErrInvalidQueryParams
|
||||
}
|
||||
|
||||
// Invalid access key.
|
||||
|
Loading…
Reference in New Issue
Block a user