From d6572879a84b89a2772673e1b5fb439ccc224bf0 Mon Sep 17 00:00:00 2001
From: Harshavardhana <harsha@minio.io>
Date: Tue, 13 Nov 2018 15:53:06 -0800
Subject: [PATCH] Check for STS Action first to allow browser requests (#6796)

---
 cmd/auth-handler.go | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cmd/auth-handler.go b/cmd/auth-handler.go
index 27b2fea39..138b5471d 100644
--- a/cmd/auth-handler.go
+++ b/cmd/auth-handler.go
@@ -109,10 +109,10 @@ func getRequestAuthType(r *http.Request) authType {
 		return authTypeJWT
 	} else if isRequestPostPolicySignatureV4(r) {
 		return authTypePostPolicy
-	} else if _, ok := r.Header["Authorization"]; !ok {
-		return authTypeAnonymous
 	} else if _, ok := r.URL.Query()["Action"]; ok {
 		return authTypeSTS
+	} else if _, ok := r.Header["Authorization"]; !ok {
+		return authTypeAnonymous
 	}
 	return authTypeUnknown
 }
@@ -395,6 +395,9 @@ func (a authHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 		a.handler.ServeHTTP(w, r)
 		return
+	} else if aType == authTypeSTS {
+		a.handler.ServeHTTP(w, r)
+		return
 	}
 	writeErrorResponse(w, ErrSignatureVersionNotSupported, r.URL)
 }