mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-04 11:19:39 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10237 from aduffeck/signing-fixes

Browse Source 
Work around a problem with reverse proxies changing URLs being signed
This commit is contained in:
Jörn Friedrich Dreyer
2024-10-04 10:26:00 +02:00
committed by GitHub
parent 7f66ae538a bea1deebba
commit dc9f3c2989
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
services/proxy/pkg/middleware/signed_url_auth.go
View File

@@ -160,6 +160,16 @@ func (m SignedURLAuthenticator) signatureIsValid(req *http.Request) (err error)
if computedSignature == signatureInURL {
return nil
}
// try a workaround for https://github.com/owncloud/ocis/issues/10180
// Some reverse proxies might replace $ with %24 in the URL leading to a mismatch in the signature
u = strings.Replace(u, "$", "%24", 1)
computedSignature = m.createSignature(u, signingKey[0].Value)
signatureInURL = req.URL.Query().Get(_paramOCSignature)
if computedSignature == signatureInURL {
return nil
}
return fmt.Errorf("signature mismatch: expected %s != actual %s", computedSignature, signatureInURL)
}