Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Presigned URLs extra slash '/' between Hostaname and the ObjectPath for issue #119 #120

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

Sergei-Kraven
Copy link

I believe, these changes will fix the issue #119.

Feel free to leave any comments or suggestions.

@Sergei-Kraven Sergei-Kraven requested a review from a team as a code owner December 26, 2024 14:35
@Sergei-Kraven Sergei-Kraven requested review from inancgumus and joanlopez and removed request for a team December 26, 2024 14:35
@CLAassistant
Copy link

CLAassistant commented Dec 26, 2024

CLA assistant check
All committers have signed the CLA.

@Sergei-Kraven
Copy link
Author

Friendly ping @olegbespalov

Copy link
Member

@oleiade oleiade left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for taking the time to address this @Sergei-Kraven 👏🏻 much appreciated 🙇🏻

I think the fix makes sense, and seems to work indeed. But would you mind adding a test to ensure it does indeed, and protects us from a regression in the past?

Here's the test I wrote for myself while reviewing this, and put it directly at line 407 in tests/internal/signature.js:```
describe('should pre-sign requests without doubling encoding the url terminal slash', () => {
const { query, url } = signer.presign(
{
method: 'POST',
endpoint: new Endpoint('https://foo.us-bar-1.amazonaws.com/'),
path: '/foo.txt',
headers: {},
},
presigningOptions
)

            const expectedURL =                     'https://foo.us-bar-1.amazonaws.com/foo.txt'+
                '?X-Amz-Algorithm=AWS4-HMAC-SHA256'+
                '&X-Amz-Credential=foo%2F20000101%2Fus-bar-1%2Ffoo%2Faws4_request'+
                '&X-Amz-Date=20000101T000000Z'+
                '&X-Amz-Expires=1800'+
                '&X-Amz-Signature=c910d7bc4a4f9d5f3db5b0c266d78ddf2c61d0a77628d3adc342e2159ce19895'+
                '&X-Amz-SignedHeaders=host'

            console.log(`url: ${url}`)
            console.log(`expected url: ${expectedURL}`)
            expect(url).to.equal(expectedURL)
            expect(query).to.deep.equal({
                [AMZ_ALGORITHM_QUERY_PARAM]: SIGNING_ALGORITHM_IDENTIFIER,
                [AMZ_CREDENTIAL_QUERY_PARAM]: 'foo/20000101/us-bar-1/foo/aws4_request',
                [AMZ_DATE_QUERY_PARAM]: '20000101T000000Z',
                [AMZ_EXPIRES_QUERY_PARAM]: presigningOptions.expiresIn.toString(),
                [AMZ_SIGNED_HEADERS_QUERY_PARAM]: HOST_HEADER,
                [AMZ_SIGNATURE_QUERY_PARAM]:
                    'c910d7bc4a4f9d5f3db5b0c266d78ddf2c61d0a77628d3adc342e2159ce19895'
            })
        })

Feel free to adapt it 👍🏻 

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants