rust-s3
rust-s3 copied to clipboard
durch
Presigned URLs do not work with standard ports in the endpoint
Describe the bug
When bucket is created with custom region, if the endpoint contains standard port like 80. The returned presigned urls are wrong due to not having port in the URL. In other words, S3 server says invalid signature due to host mismatch.
To Reproduce
`
let region = Region::Custom {
region: "eu-central-1",
endpoint: "http://minio:80",
}
let credentials = Credentials::new( Some(&conf.access_key), Some(&conf.secret_access_key.value()), None, None, None, ).unwrap();
let bucket = Bucket::new(&conf.bucket_name, region, credentials) .unwrap() .with_path_style();
let url = bucket .presign_get(id, self.pre_signed_url_expiration, None) .await();` This returns something like below, note that it should be "minio:80" in the url:
http://minio/media/6ba23bdb-3acf-4f7d-afdb-?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=wNBySMD3O%2F20250313%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20250313T100549Z&X-Amz-Expires=10800&X-Amz-SignedHeaders=host&X-Amz-Signature=06d561d43990c0d5751e9b8438399afadf7dd8ff356400cef34f285856605509
Expected behavior A clear and concise description of what you expected to happen.
When we manually add :80 to the url, everything works fine. So, presigned url should be returned with port.
It should return the url with port for signature verification. It works fine for hosts with non-standard ports. For instance, if you use "http://minio:9000", url will be as below which is correct:
http://minio:9000/media/6ba23bdb-3acf-4f7d-afdb-?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=wNBySMD3O%2F20250313%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20250313T100549Z&X-Amz-Expires=10800&X-Amz-SignedHeaders=host&X-Amz-Signature=06d561d43990c0d5751e9b8438399afadf7dd8ff356400cef34f285856605509
Environment
- Rust version:
1.83 - lib version:
0.35.1
Additional context
This is happening due to internal use of Url::parse, then string formatting while returning the presigned url to the user.
