MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-04-17 17:30:07 -04:00
Code Issues Packages Projects Releases Wiki Activity

Presign V2: Unescape non-std queries in urls (#3549)

Browse Source 
A client sends escaped characters in values of some query parameters in a presign url.
This commit properly unescapes queires to fix signature calculation.
This commit is contained in:
Anis Elleuch 2017-01-09 23:22:20 +01:00 committed by Harshavardhana
parent e1142e99f2
commit 95d9e47353
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/signature-v2.go
View File

@ -111,7 +111,11 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
case "Expires": case "Expires":
expires, err = url.QueryUnescape(keyval[1]) expires, err = url.QueryUnescape(keyval[1])
default: default:
filteredQueries = append(filteredQueries, query) unescapedQuery, qerr := url.QueryUnescape(query)
if qerr == nil {
filteredQueries = append(filteredQueries, unescapedQuery)
} else {
err = qerr
} }
} }
// Check if the query unescaped properly. // Check if the query unescaped properly.
@ -119,6 +123,7 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
errorIf(err, "Unable to unescape query values", queries) errorIf(err, "Unable to unescape query values", queries)
return ErrInvalidQueryParams return ErrInvalidQueryParams
} }
}
// Invalid access key. // Invalid access key.
if accessKey == "" { if accessKey == "" {