SignatureDoesNotMatch error when S3 key contains *

aws / aws-sdk-js-v3

Modularized AWS SDK for JavaScript.

Apache License 2.0

3.05k stars 573 forks source link

SignatureDoesNotMatch error when S3 key contains * #1896

Closed TsvetanMilanov closed 11 months ago

TsvetanMilanov commented 3 years ago

Describe the bug When trying to get/put object with key which contains * (e.g. te*st) the S3 client throws SignatureDoesNotMatch error.

SDK version number 3.2.0

Is the issue in the browser/Node.js/ReactNative? Node.js

Details of the browser/Node.js/ReactNative version v12.16.1

To Reproduce (observed behavior)

const { S3 } = require("@aws-sdk/client-s3");

const s3 = new S3({ region: "us-east-1" });
await s3.putObject({ Bucket: "test-signature-sdk-v3", Key: "test*", Body: "test" });

Expected behavior Expecting the method invocation to succeed, but it throws SignatureDoesNotMatch error.

Additional context There is a similar issue https://github.com/aws/aws-sdk-js-v3/issues/283 and a related fix https://github.com/aws/aws-sdk-js-v3/pull/284. The S3 client works with : (e.g. te:st) but not with *. The aws-sdk v2 works correctly with key te*st

ajredniwja commented 3 years ago

Hey @TsvetanMilanov I was able to reproduce this issue, it is currently in our high priority list, the issue will be updated once it has been fixed.

trivikr commented 3 years ago

This happens because encodeURIComponent doesn't escape *.

Currently the additional encoding is only done in signer, and some additional characters will be required to be escaped https://github.com/aws/aws-sdk-js-v3/blob/906e4b04d18ba26cbe16d9122b0014ea539233ac/packages/signature-v4/src/SignatureV4.ts#L280-L283

The solution would be to do additional encoding on top of encodeURIComponent output. Code from v2: https://github.com/aws/aws-sdk-js/blob/dd83d672170e8cc0c52a20df29a43e7663e5336a/lib/util.js#L41-L46

dobrynin commented 2 years ago

Bump, can the suggest change be implemented?

live680g commented 2 years ago

This error is being exist. "@aws-sdk/client-s3": "^3.142.0",

dobrynin commented 2 years ago

myString.replace("*", "%2A"); fixed for me.

Dids commented 1 year ago

This also happens when metadata contains special/unicode characters, such as ContentDisposition, which I've been wrestling with lately.

Using the latest SDK and specifically the CopyObjectCommand, as I'm trying to update metadata for a lot of files, as part of a migration to S3, however this has been a rather unpleasant surprise.

yenfryherrerafeliz commented 11 months ago

Hi @TsvetanMilanov, @Dids, @dobrynin, @live680g, this issue has been fixed. Please update to the latest version of the SDK you should have not issues.

If you folks have anything else that we can help with, please feel free of opening a new issue.

Thanks!

github-actions[bot] commented 10 months ago

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.