duckdb-wasm icon indicating copy to clipboard operation
duckdb-wasm copied to clipboard
verified publisher icon duckdb

Fix s3 endpoint paths

Open gregnr opened this issue 2 months ago • 0 comments

When the s3_endpoint URL contains a path (e.g. https://s3.example.com/some/path) and S3 path-style access is used, s3 requests fail with a 403 Forbidden due to an incorrect AWS AWS4-HMAC-SHA256 signature.

With the above example endpoint, the current logic will:

  1. set host to s3.example.com/some/path
  2. set path /<bucket-name>/<requested-path>

This PR corrects this to:

  1. set host to s3.example.com
  2. set path /some/path/<bucket-name>/<requested-path>

Which fixes the downstream signature that is generated from those values.

An example of an S3-compatible endpoint that does this in practice is Supabase's Storage API, which serves the s3 endpoint from:

https://<project-ref>.storage.supabase.co/storage/v1/s3

gregnr avatar Dec 09 '25 22:12 gregnr