Presign V2: Unescape non-std queries in urls (#3549)

A client sends escaped characters in values of some query parameters in a presign url.
This commit properly unescapes queires to fix signature calculation.
master
Anis Elleuch 8 years ago committed by Harshavardhana
parent e1142e99f2
commit 95d9e47353
  1. 7
      cmd/signature-v2.go

@ -111,7 +111,11 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
case "Expires": case "Expires":
expires, err = url.QueryUnescape(keyval[1]) expires, err = url.QueryUnescape(keyval[1])
default: default:
filteredQueries = append(filteredQueries, query) unescapedQuery, qerr := url.QueryUnescape(query)
if qerr == nil {
filteredQueries = append(filteredQueries, unescapedQuery)
} else {
err = qerr
} }
} }
// Check if the query unescaped properly. // Check if the query unescaped properly.
@ -119,6 +123,7 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
errorIf(err, "Unable to unescape query values", queries) errorIf(err, "Unable to unescape query values", queries)
return ErrInvalidQueryParams return ErrInvalidQueryParams
} }
}
// Invalid access key. // Invalid access key.
if accessKey == "" { if accessKey == "" {

Loading…
Cancel
Save