Actions
Bug #20797
closedrgw: putting X-Object-Manifest via TempURL should be prohibited
% Done:
0%
Source:
Development
Tags:
Backport:
luminous mimic nautilus
Regression:
No
Severity:
3 - minor
Reviewed:
Description
test.functional.test_tempurl:TestTempURLPrefix.test_PUT_manifest_access of Swift's functional tests enforces that.
It seems RadosGW lacks this check even in Hammer. Traffic dump made on quite recent master:
###### T 127.0.0.1:58976 -> 127.0.0.1:8000 [AP] PUT /v1/AUTH_test/713f16de3c1c4f03b9c52ec57ffd1c2f/004f0bcd1e17405797685b2178d1fa2d?temp_url_prefix=004f&temp_url_expires=1501256279&temp_url_sig=ac9a0e60b29705a645b092ad203973b625b2555a HTTP/1.1. Host: 127.0.0.1:8000. Accept-Encoding: identity. Content-Length: 0. x-object-manifest: some_random_container/foo. Content-Type: application/octet-stream. . #### T 127.0.0.1:8000 -> 127.0.0.1:58976 [AP] HTTP/1.1 201 Created. etag: d41d8cd98f00b204e9800998ecf8427e. Last-Modified: Thu, 27 Jul 2017 15:38:00 GMT. X-Trans-Id: tx0000000000000000000ab-00597a08d7-1112-default. X-Openstack-Request-Id: tx0000000000000000000ab-00597a08d7-1112-default. Content-Type: text/plain; charset=utf-8. Content-Length: 0. Date: Thu, 27 Jul 2017 15:38:00 GMT. .
Updated by Radoslaw Zarzynski over 6 years ago
- Status changed from New to In Progress
Updated by Radoslaw Zarzynski over 6 years ago
- Status changed from In Progress to Fix Under Review
Updated by Casey Bodley almost 5 years ago
- Status changed from Fix Under Review to Pending Backport
- Backport set to luminous mimic nautilus
Updated by Nathan Cutler almost 5 years ago
- Copied to Backport #40132: luminous: rgw: putting X-Object-Manifest via TempURL should be prohibited added
Updated by Nathan Cutler almost 5 years ago
- Copied to Backport #40133: mimic: rgw: putting X-Object-Manifest via TempURL should be prohibited added
Updated by Nathan Cutler almost 5 years ago
- Copied to Backport #40134: nautilus: rgw: putting X-Object-Manifest via TempURL should be prohibited added
Updated by Nathan Cutler over 4 years ago
- Status changed from Pending Backport to Resolved
While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".
Actions