kopia lustrzana https://github.com/gaul/s3proxy
Porównaj commity
4 Commity
19897069b4
...
dd73dff0ac
Autor | SHA1 | Data |
---|---|---|
dependabot[bot] | dd73dff0ac | |
momez | 435eb37bf8 | |
Andrew Gaul | b1453bd8f6 | |
momez | 6bb0250103 |
3
pom.xml
3
pom.xml
|
@ -313,8 +313,9 @@
|
|||
<plugin>
|
||||
<groupId>org.skife.maven</groupId>
|
||||
<artifactId>really-executable-jar-maven-plugin</artifactId>
|
||||
<version>1.5.0</version>
|
||||
<version>2.1.1</version>
|
||||
<configuration>
|
||||
<inputFile>target/s3proxy-${version}-jar-with-dependencies.jar</inputFile>
|
||||
<programFile>s3proxy</programFile>
|
||||
</configuration>
|
||||
<executions>
|
||||
|
|
|
@ -612,8 +612,9 @@ public class S3ProxyHandler {
|
|||
}
|
||||
}
|
||||
|
||||
if (!constantTimeEquals(expectedSignature,
|
||||
authHeader.getSignature())) {
|
||||
// AWS does not check signatures with OPTIONS verb
|
||||
if (!method.equals("OPTIONS") && !constantTimeEquals(
|
||||
expectedSignature, authHeader.getSignature())) {
|
||||
throw new S3Exception(S3ErrorCode.SIGNATURE_DOES_NOT_MATCH);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -137,58 +137,6 @@ public final class CrossOriginResourceSharingResponseTest {
|
|||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCorsPreflightNegative() throws Exception {
|
||||
// No CORS headers
|
||||
HttpOptions request = new HttpOptions(presignedGET);
|
||||
HttpResponse response = httpClient.execute(request);
|
||||
/*
|
||||
* For non presigned URLs that should give a 400, but the
|
||||
* Access-Control-Request-Method header is needed for presigned URLs
|
||||
* to calculate the same signature. If this is missing it fails already
|
||||
* with 403 - Signature mismatch before processing the OPTIONS request
|
||||
* See testCorsPreflightPublicRead for that cases
|
||||
*/
|
||||
assertThat(response.getStatusLine().getStatusCode())
|
||||
.isEqualTo(HttpStatus.SC_FORBIDDEN);
|
||||
|
||||
// Not allowed origin
|
||||
request.reset();
|
||||
request.setHeader(HttpHeaders.ORIGIN, "https://example.org");
|
||||
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
response = httpClient.execute(request);
|
||||
assertThat(response.getStatusLine().getStatusCode())
|
||||
.isEqualTo(HttpStatus.SC_FORBIDDEN);
|
||||
|
||||
// Not allowed method
|
||||
request.reset();
|
||||
request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
|
||||
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "PATCH");
|
||||
response = httpClient.execute(request);
|
||||
assertThat(response.getStatusLine().getStatusCode())
|
||||
.isEqualTo(HttpStatus.SC_FORBIDDEN);
|
||||
|
||||
// Not allowed header
|
||||
request.reset();
|
||||
request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
|
||||
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS,
|
||||
"Accept-Encoding");
|
||||
response = httpClient.execute(request);
|
||||
assertThat(response.getStatusLine().getStatusCode())
|
||||
.isEqualTo(HttpStatus.SC_FORBIDDEN);
|
||||
|
||||
// Not allowed header combination
|
||||
request.reset();
|
||||
request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
|
||||
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS,
|
||||
"Accept, Accept-Encoding");
|
||||
response = httpClient.execute(request);
|
||||
assertThat(response.getStatusLine().getStatusCode())
|
||||
.isEqualTo(HttpStatus.SC_FORBIDDEN);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCorsPreflight() throws Exception {
|
||||
// Allowed origin and method
|
||||
|
|
Ładowanie…
Reference in New Issue