Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove Transfer-Encoding from signed headers #3351

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Remove Transfer-Encoding from signed headers #3351

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changes/next-release/bugfix-Signing-82847.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"type": "bugfix",
"category": "Signing",
"description": "No longer sign transfer-encoding header for SigV4"
}
1 change: 1 addition & 0 deletions botocore/auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@
SIGV4_TIMESTAMP = '%Y%m%dT%H%M%SZ'
SIGNED_HEADERS_BLACKLIST = [
'expect',
'transfer-encoding',
'user-agent',
'x-amzn-trace-id',
]
Expand Down
17 changes: 10 additions & 7 deletions tests/unit/auth/test_signers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -374,7 +374,7 @@ def test_query_string_params_in_urls(self):
cqs = self.auth.canonical_query_string(request)
self.assertEqual('marker=%C3%A4%C3%B6%C3%BC-01.txt&prefix=', cqs)

def _test_blacklist_header(self, header, value):
def _test_blocklist_header(self, header, value):
request = AWSRequest()
request.url = 'https://s3.amazonaws.com/bucket/foo'
request.method = 'PUT'
Expand All @@ -386,16 +386,19 @@ def _test_blacklist_header(self, header, value):
auth.add_auth(request)
self.assertNotIn(header, request.headers['Authorization'])

def test_blacklist_expect_headers(self):
self._test_blacklist_header('expect', '100-continue')
def test_blocklist_expect_headers(self):
self._test_blocklist_header('expect', '100-continue')

def test_blacklist_trace_id(self):
self._test_blacklist_header(
def test_blocklist_trace_id(self):
self._test_blocklist_header(
'x-amzn-trace-id', 'Root=foo;Parent=bar;Sampleid=1'
)

def test_blacklist_headers(self):
self._test_blacklist_header('user-agent', 'botocore/1.4.11')
def test_blocklist_user_agent_header(self):
self._test_blocklist_header('user-agent', 'botocore/1.4.11')

def test_blocklist_transfer_encoding_header(self):
self._test_blocklist_header('transfer-encoding', 'chunked')

def test_uses_sha256_if_config_value_is_true(self):
self.client_config.s3['payload_signing_enabled'] = True
Expand Down
Loading