Check for STS Action first to allow browser requests (#6796)

6 years ago · d6572879a8
parent b6ab8f50fa
commit d6572879a8
1 changed files with 5 additions and 2 deletions
--- a/cmd/auth-handler.go
+++ b/cmd/auth-handler.go
@ -109,10 +109,10 @@ func getRequestAuthType(r *http.Request) authType {
 		return authTypeJWT
 	} else if isRequestPostPolicySignatureV4(r) {
 		return authTypePostPolicy
-	} else if _, ok := r.Header["Authorization"]; !ok {
-		return authTypeAnonymous
 	} else if _, ok := r.URL.Query()["Action"]; ok {
 		return authTypeSTS
+	} else if _, ok := r.Header["Authorization"]; !ok {
+		return authTypeAnonymous
 	}
 	return authTypeUnknown
 }
@ -395,6 +395,9 @@ func (a authHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 		a.handler.ServeHTTP(w, r)
 		return
+	} else if aType == authTypeSTS {
+		a.handler.ServeHTTP(w, r)
+		return
 	}
 	writeErrorResponse(w, ErrSignatureVersionNotSupported, r.URL)
 }