Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Do not propagate headers on HTTP redirects

I have files hosted on Amazon S3, and I'd like to download them after a treatment in my app. This app view requires the HTTP Authorization header to proceed. Here is the process:

  1. Query view /file/xxx with the required Authorization request header
  2. If the app access is granted, does some treatment
  3. Generate a signed S3 url, and redirect to it

The fact is that the request header is also propagated on the redirect, and is in conflict with Amazon's S3 signature, I have the following error message:

Either the Signature query string parameter or the Authorization header should be specified, not both

So, is there a way to not propagate the Authorization header to S3 ?

Note that I have tested all 3xx HTTP codes. Thanks in advance.

like image 884
Léo Avatar asked Oct 31 '12 14:10

Léo


1 Answers

It may depend on your client, for example see: https://code.google.com/p/go/issues/detail?id=4800

It appears curl won't carry over your Authorization header by default. But I'm dealing with a similar issue and I see that by default http components appears to carry it.

like image 60
Jeff Damick Avatar answered Oct 17 '22 00:10

Jeff Damick