Actions
Bug #26965
closedCompliance to aws s3's relaxed query handling behaviour
Status:
Resolved
Priority:
Normal
Assignee:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
mimic, luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
While s3 docs at https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html mention all params must be url encoded, s3's behaviour seems to be relaxed in its enforcement and allows for x-amz-credentials of the form access/<date>/<region>... where the url encoded form of access%2F<date> is expected as the canonical string.
Updated by Abhishek Lekshmanan over 5 years ago
- Status changed from New to In Progress
Updated by Casey Bodley over 5 years ago
- Related to Bug #35993: AWSv4 presigned signature misses quoting on X-Amz-Credential added
Updated by Dan van der Ster about 5 years ago
This was merged and released in nautilus. Do you still plan the backports?
(We saw this in prod, see https://github.com/GoogleContainerTools/jib/issues/1590)
Updated by Dan van der Ster about 5 years ago
(btw, the backport depends on #23587)
Updated by Matt Benjamin about 5 years ago
- Status changed from 7 to Pending Backport
Updated by Nathan Cutler about 5 years ago
- Copied to Backport #39357: mimic: Compliance to aws s3's relaxed query handling behaviour added
Updated by Nathan Cutler about 5 years ago
- Copied to Backport #39358: luminous: Compliance to aws s3's relaxed query handling behaviour added
Updated by Nathan Cutler almost 5 years ago
- Status changed from Pending Backport to Resolved
Actions