
4 Commity

Autor SHA1 Wiadomość Data
dependabot[bot] dd73dff0ac Bump org.skife.maven:really-executable-jar-maven-plugin
Bumps [org.skife.maven:really-executable-jar-maven-plugin](https://github.com/brianm/really-executable-jar-maven-plugin) from 1.5.0 to 2.1.1.
- [Commits](https://github.com/brianm/really-executable-jar-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: org.skife.maven:really-executable-jar-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-07 13:49:26 +09:00
momez 435eb37bf8 Remove tests that expect signature failure on OPTIONS preflight
References #411.
2024-02-07 13:16:53 +09:00
Andrew Gaul b1453bd8f6 Specify inputFile to resolve ambiguity
Required by really-executable-jars 2.1.0 and newer
2024-02-07 13:11:27 +09:00
momez 6bb0250103 Do not perform signature check for OPTIONS verb
Fixes #411.
2024-02-07 13:09:06 +09:00
3 zmienionych plików z 5 dodań i 55 usunięć


@ -313,8 +313,9 @@
<plugin>
<groupId>org.skife.maven</groupId>
<artifactId>really-executable-jar-maven-plugin</artifactId>
<version>1.5.0</version>
<version>2.1.1</version>
<configuration>
<inputFile>target/s3proxy-${version}-jar-with-dependencies.jar</inputFile>
<programFile>s3proxy</programFile>
</configuration>
<executions>


@ -612,8 +612,9 @@ public class S3ProxyHandler {
}
}
if (!constantTimeEquals(expectedSignature,
authHeader.getSignature())) {
// AWS does not check signatures with OPTIONS verb
if (!method.equals("OPTIONS") && !constantTimeEquals(
expectedSignature, authHeader.getSignature())) {
throw new S3Exception(S3ErrorCode.SIGNATURE_DOES_NOT_MATCH);
}
}
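Review bot: The exemption in the new `if` is keyed on the verb alone, so every request whose method is `OPTIONS` now skips the signature comparison, not only a CORS preflight that carries `Origin` and `Access-Control-Request-Method`. That is safe only while every OPTIONS path later in the handler does nothing beyond CORS evaluation; that code, like the start and end of the enclosing method, is outside this hunk and should be confirmed. I would state the invariant next to the check, for example `// Browser preflights carry no credentials; OPTIONS handling below must never read or modify bucket or object data`. The same change set appears to drop `testCorsPreflightNegative` in full, including its disallowed-origin, disallowed-method and disallowed-header cases, so those rejections are worth re-adding as tests that no longer depend on a signature failure.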


@ -137,58 +137,6 @@ public final class CrossOriginResourceSharingResponseTest {
}
}
@Test
public void testCorsPreflightNegative() throws Exception {
// No CORS headers
HttpOptions request = new HttpOptions(presignedGET);
HttpResponse response = httpClient.execute(request);
/*
* For non presigned URLs that should give a 400, but the
* Access-Control-Request-Method header is needed for presigned URLs
* to calculate the same signature. If this is missing it fails already
* with 403 - Signature mismatch before processing the OPTIONS request
* See testCorsPreflightPublicRead for that cases
*/
assertThat(response.getStatusLine().getStatusCode())
.isEqualTo(HttpStatus.SC_FORBIDDEN);
// Not allowed origin
request.reset();
request.setHeader(HttpHeaders.ORIGIN, "https://example.org");
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
response = httpClient.execute(request);
assertThat(response.getStatusLine().getStatusCode())
.isEqualTo(HttpStatus.SC_FORBIDDEN);
// Not allowed method
request.reset();
request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "PATCH");
response = httpClient.execute(request);
assertThat(response.getStatusLine().getStatusCode())
.isEqualTo(HttpStatus.SC_FORBIDDEN);
// Not allowed header
request.reset();
request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS,
"Accept-Encoding");
response = httpClient.execute(request);
assertThat(response.getStatusLine().getStatusCode())
.isEqualTo(HttpStatus.SC_FORBIDDEN);
// Not allowed header combination
request.reset();
request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS,
"Accept, Accept-Encoding");
response = httpClient.execute(request);
assertThat(response.getStatusLine().getStatusCode())
.isEqualTo(HttpStatus.SC_FORBIDDEN);
}
@Test
public void testCorsPreflight() throws Exception {
// Allowed origin and method