You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am experiencing behavior outlined in this issue using the most recent version Release v2.10.15 - 2017-07-20 of the SDK
Specifically, I am generating presigned PUT urls with the #presigned_url method and passing it the server_side_encryption: "AES256" option and the acl: "private" option.
This is generating URLs with this parameter in the query string
These URLs return an error with "unsigned header present" in the message when I include the x-amz-server-side-encryption and the header in my request to the URL.
<Message>There were headers present in the request which were not signed</Message>
<HeadersNotSigned>x-amz-server-side-encryption,x-amz-acl</HeadersNotSigned>
If it's helpful, the same options passed to the Java SDK result in a query string with that same parameter formatted this way:
Appreciate the feedback! So this is the same issue in the refer, long story short, it's a issue in S3 side, S3 should have check query string only, yet it's still checking both signed headers and headers in the request.
However, fixing that will break existing customers. The querystring itself doesn't have a problem, temporary workaround would be using the aws-sigv4 gem as mentioned in the issue (allows custom header signing and headers in requests). Also I'll count your feedback a +1 for the enhancement in S3 presign feature : )
I am experiencing behavior outlined in this issue using the most recent version
Release v2.10.15 - 2017-07-20
of the SDKSpecifically, I am generating presigned PUT urls with the
#presigned_url
method and passing it theserver_side_encryption: "AES256"
option and theacl: "private"
option.This is generating URLs with this parameter in the query string
X-Amz-SignedHeaders\=host\&x-amz-acl\=private\&x-amz-server-side-encryption\=AES256\
These URLs return an error with "unsigned header present" in the message when I include the
x-amz-server-side-encryption
and the header in my request to the URL.If it's helpful, the same options passed to the Java SDK result in a query string with that same parameter formatted this way:
The URL with the above formatting works as expected.
This suggests to me that including that parameter somehow breaks the presigning algorithm.
The text was updated successfully, but these errors were encountered: