Actions
Bug #21581
closedencryption: reject requests that don't provide all expected headers
Status:
Resolved
Priority:
High
Assignee:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
If someone want to upload an object using server-side encryption with providing customer key or kms key id, but not specify the encryption mode in the "x-amz-server-side-encryption-customer-algorithm" or "x-amz-server-side-encryption", the object will be uploaded successfully without encryption.
This is not a correct way to deal with it. It is better to return error.
Actions