mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-06 12:19:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Work around a problem with reverse proxies changing URLs being signed

Browse Source 
Fixes https://github.com/owncloud/ocis/issues/10180
This commit is contained in:
André Duffeck
2024-10-04 09:50:58 +02:00
parent ee617d33d2
commit bea1deebba
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
services/proxy/pkg/middleware/signed_url_auth.go
View File

@@ -160,6 +160,16 @@ func (m SignedURLAuthenticator) signatureIsValid(req *http.Request) (err error)
if computedSignature == signatureInURL {
return nil
}
// try a workaround for https://github.com/owncloud/ocis/issues/10180
// Some reverse proxies might replace $ with %24 in the URL leading to a mismatch in the signature
u = strings.Replace(u, "$", "%24", 1)
computedSignature = m.createSignature(u, signingKey[0].Value)
signatureInURL = req.URL.Query().Get(_paramOCSignature)
if computedSignature == signatureInURL {
return nil
}
return fmt.Errorf("signature mismatch: expected %s != actual %s", computedSignature, signatureInURL)
}