Hi,
in aws-sdk-s3/lib/aws-sdk-s3/presigner.rb#build_signer, 'content-length' is included in unsigned_headers with the remark 'due to a ELB bug'. It looks like that code is at least 3 years old.
Is it still true that Content-Length should be excluded from the signed headers?
I would like to use the Content-Length header for restricting client's uploads, which use presigned URLs.
I removed 'content-length' from unsigned_headers with the code below and uploads seemed to be working without any issues.
Gem name
aws-sdk-s3 1.46.0
Version of Ruby, OS environment
N/A
Code snippets / steps to reproduce
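```ruby
require 'aws-sdk-s3'

# Remove 'content-length' from the presigner's unsigned headers so it is signed.
module S3SignerModifier
  def build_signer(cfg)
    signer = super(cfg)
    signer.unsigned_headers.delete('content-length')
    signer
  end
end

Aws::S3::Presigner.class_eval do
  prepend S3SignerModifier
end
```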
Thanks for the feedback! Unfortunately, it still stays the same for some scenarios that we cannot move it out of the blacklist, but we have been considering providing a whitelist option for those :unsigned_headers.
Having to patch over the signer is definitely not an ideal solution; does the above whitelist option sound good to you if available?
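Why the unsigned-header list matters for the upload restriction discussed in this issue, as an added example that is not from the issue or from aws-sdk-ruby: a standard-library sketch of SigV4 query presigning for an S3 PUT. The credentials, bucket host, date and the helper names `presign_signature` and `size_bound?` are constructed for illustration.

```ruby
require 'openssl'
require 'uri'

# Constructed values for illustration only; not real credentials.
ACCESS_KEY = 'AKIDEXAMPLE'
SECRET_KEY = 'constructed-secret-key'
REGION     = 'us-east-1'
DATETIME   = '20190101T000000Z'

# Signature of a SigV4 query-presigned S3 PUT. Headers named in
# unsigned_headers are left out of the canonical request, so the
# signature does not cover their values.
def presign_signature(host:, path:, headers:, unsigned_headers:)
  date   = DATETIME[0, 8]
  scope  = "#{date}/#{REGION}/s3/aws4_request"
  signed = headers.merge('host' => host)
                  .transform_keys(&:downcase)
                  .reject { |name, _| unsigned_headers.include?(name) }
                  .sort.to_h
  signed_names = signed.keys.join(';')
  # Form encoding matches SigV4 URI encoding for the characters used here.
  query = {
    'X-Amz-Algorithm'     => 'AWS4-HMAC-SHA256',
    'X-Amz-Credential'    => "#{ACCESS_KEY}/#{scope}",
    'X-Amz-Date'          => DATETIME,
    'X-Amz-Expires'       => '900',
    'X-Amz-SignedHeaders' => signed_names
  }.sort.map { |k, v| "#{k}=#{URI.encode_www_form_component(v)}" }.join('&')
  canonical_headers = signed.map { |k, v| "#{k}:#{v.to_s.strip}\n" }.join
  canonical = ['PUT', path, query, canonical_headers,
               signed_names, 'UNSIGNED-PAYLOAD'].join("\n")
  string_to_sign = ['AWS4-HMAC-SHA256', DATETIME, scope,
                    OpenSSL::Digest::SHA256.hexdigest(canonical)].join("\n")
  key = [date, REGION, 's3', 'aws4_request']
        .reduce("AWS4#{SECRET_KEY}") { |k, d| OpenSSL::HMAC.digest('sha256', k, d) }
  OpenSSL::HMAC.hexdigest('sha256', key, string_to_sign)
end

# True when changing Content-Length changes the signature, i.e. the
# presigned URL is only valid for the size it was issued for.
def size_bound?(unsigned_headers)
  sig = lambda do |len|
    presign_signature(host: 'example-bucket.s3.amazonaws.com', path: '/upload.bin',
                      headers: { 'Content-Length' => len.to_s },
                      unsigned_headers: unsigned_headers)
  end
  sig.call(1024) != sig.call(10 * 1024 * 1024)
end

puts "content-length unsigned: size bound? #{size_bound?(['content-length'])}"
puts "content-length signed:   size bound? #{size_bound?([])}"
```

With `content-length` left unsigned, the same signature validates for any upload size, so the header cannot enforce a limit; once it is signed, the client must send exactly the length the URL was issued for.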