K2V: double urlencoding #574
No reviewers
Labels
No Label
AdminAPI
Bug
Check AWS
CI
Correctness
Critical
Documentation
Ideas
Improvement
Low priority
Newcomer
Performance
S3 Compatibility
Testing
Usability
No Milestone
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Deuxfleurs/garage#574
Loading…
Reference in New Issue
No description provided.
Delete Branch "fix-k2v-urlencoding"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This is a proposal fix for #573. Since rusoto_signature double-urlencodes paths for all APIs except S3, then we will do the same when verifying signatures client-side. This page suggest that path segments must indeed be url-encoded twice (once by http, once by the signature calculation algorithm): https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-sign-process.html
EDIT: wrote an extensive comment in the source code with more explanation, go read that.
Fix #573
de39da1103
to92fdeb1c56
92fdeb1c56
to4420db7310