For some operations, S3 can return an error response, despite having sent status-code 200 OK (see knowledge center)
To defend against this, aws-c-s3 checked all 200 OK responses to see if they were actually XML errors, except responses related to AWS_S3_META_REQUEST_TYPE_GET_OBJECT. We knew that operations with "streaming body" responses never did "200 Error", and what if someone did "GetObject" on an XML error message they'd uploaded to S3, LoL π haha π that would never happen π.
We heard from a customer that was using AWS_S3_META_REQUEST_TYPE_DEFAULT (instead of AWS_S3_META_REQUEST_TYPE_GET_OBJECT) to send a "GetObject" request. The object was logs, and the logs began with an XML error message. Since aws-c-s3 didn't realize this was a "GetObject" request, it scanned the body of the response and mistook it for a "200 error".
Description of changes:
Users MUST set operation_name for AWS_S3_META_REQUEST_TYPE_DEFAULT. Previously, this was an optional field, but now it is required. This lets us ensure that "GetObject" operations are never checked for "200 Error", even if they were sent via AWS_S3_META_REQUEST_TYPE_DEFAULT.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Issue:
For some operations, S3 can return an error response, despite having sent status-code 200 OK (see knowledge center)
To defend against this, aws-c-s3 checked all 200 OK responses to see if they were actually XML errors, except responses related to
AWS_S3_META_REQUEST_TYPE_GET_OBJECT
. We knew that operations with "streaming body" responses never did "200 Error", and what if someone did "GetObject" on an XML error message they'd uploaded to S3, LoL π haha π that would never happen π.We heard from a customer that was using
AWS_S3_META_REQUEST_TYPE_DEFAULT
(instead ofAWS_S3_META_REQUEST_TYPE_GET_OBJECT
) to send a "GetObject" request. The object was logs, and the logs began with an XML error message. Since aws-c-s3 didn't realize this was a "GetObject" request, it scanned the body of the response and mistook it for a "200 error".Description of changes:
Users MUST set
operation_name
forAWS_S3_META_REQUEST_TYPE_DEFAULT
. Previously, this was an optional field, but now it is required. This lets us ensure that "GetObject" operations are never checked for "200 Error", even if they were sent viaAWS_S3_META_REQUEST_TYPE_DEFAULT
.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.