MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 12:52:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

signature-v2: encode path and query strings when calculating signature (#3253)

Browse Source
This commit is contained in:
Anis Elleuch
2016-11-14 19:23:21 +01:00
committed by Harshavardhana
parent f234c35020
commit b8f0d9352f
2 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
cmd/signature-v2.go
View File

@@ -191,17 +191,20 @@ func doesSignV2Match(r *http.Request) APIErrorCode {
return apiError
}
// url.RawPath will be valid if path has any encoded characters, if not it will
// be empty - in which case we need to consider url.Path (bug in net/http?)
// Encode path:
// url.RawPath will be valid if path has any encoded characters, if not it will
// be empty - in which case we need to consider url.Path (bug in net/http?)
encodedResource := r.URL.RawPath
encodedQuery := r.URL.RawQuery
if encodedResource == "" {
splits := strings.Split(r.URL.Path, "?")
if len(splits) > 0 {
encodedResource = splits[0]
encodedResource = getURLEncodedName(splits[0])
}
}
// Encode query strings
encodedQuery := r.URL.Query().Encode()
expectedAuth := signatureV2(r.Method, encodedResource, encodedQuery, r.Header)
if v2Auth != expectedAuth {
return ErrSignatureDoesNotMatch