MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 12:52:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add extensive endpoints validation (#4019)

Browse Source
This commit is contained in:
Bala FA
2017-04-12 04:14:27 +05:30
committed by Harshavardhana
parent 1b1b9e4801
commit de204a0a52
48 changed files with 1432 additions and 2269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
cmd/signature-v2.go
View File

@@ -85,8 +85,12 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
cred := serverConfig.GetCredential()
// r.RequestURI will have raw encoded URI as sent by the client.
splits := splitStr(r.RequestURI, "?", 2)
encodedResource, encodedQuery := splits[0], splits[1]
tokens := strings.SplitN(r.RequestURI, "?", 2)
encodedResource := tokens[0]
encodedQuery := ""
if len(tokens) == 2 {
encodedQuery = tokens[1]
}
queries := strings.Split(encodedQuery, "&")
var filteredQueries []string
@@ -206,8 +210,12 @@ func doesSignV2Match(r *http.Request) APIErrorCode {
}
// r.RequestURI will have raw encoded URI as sent by the client.
splits := splitStr(r.RequestURI, "?", 2)
encodedResource, encodedQuery := splits[0], splits[1]
tokens := strings.SplitN(r.RequestURI, "?", 2)
encodedResource := tokens[0]
encodedQuery := ""
if len(tokens) == 2 {
encodedQuery = tokens[1]
}
expectedAuth := signatureV2(r.Method, encodedResource, encodedQuery, r.Header)
if v2Auth != expectedAuth {