search

supabase / storage

S3 compatible object storage service that stores metadata in Postgres
https://supabase.com/docs/guides/storage
Apache License 2.0
811 stars 116 forks source link

Storage: header if-modified-since being ignored #267

Open ffabss opened 2 years ago

ffabss commented 2 years ago

Bug report

Describe the bug

It seems that either the storage API is ignoring the if-modified-since header or the Cloudflare cache is ignoring it, as I seem to always get the file even though it has not been modified.

To Reproduce

  1. Go to Supabase Dashboard > Storage
  2. Create new bucket or use existing
  3. Upload any file
  4. Make following request: 
    curl http://<YOUR_PROJECT>.supabase.co/storage/v1/object/authenticated/images/image.png \
-H "if-modified-since: <DATE_AFTER_LAST_MODIFICATION>" \
-H "Authorization: Bearer <ALLOWED_API_TOKEN>" \
-I

    ("-I" to show document info only)

Expected behavior

The file should not be returned as it has not been modified and the http-status-code should be 304.

Actual

The file is returned and the status-code is 200.

curl https://<YOUR_PROJECT>.supabase.co/storage/v1/object/authenticated/images/image.png \
> -H "if-modified-since: Tue Mar 25 2022 19:08:51 GMT+0000 (Coordinated Universal Time)" \
> -H "Authorization: Bearer <ALLOWED_API_TOKEN>" \
> -I
HTTP/2 200
date: Tue, 29 Mar 2022 15:09:46 GMT
content-type: image/png
content-length: 1355
cf-ray: 6f39874e3a7b787f-VIE
accept-ranges: bytes
access-control-allow-origin: *
age: 570
cache-control: max-age=3600
etag: "ee35207bece5c11122eeb500b19ffa70"
last-modified: Tue Mar 15 2022 19:08:51 GMT+0000 (Coordinated Universal Time)
vary: Origin, Accept-Encoding
via: kong/2.2.1
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ratelimit-limit: 100
ratelimit-remaining: 99
ratelimit-reset: 1
x-kong-proxy-latency: 2
x-kong-upstream-latency: 177
x-ratelimit-limit-second: 100
x-ratelimit-remaining-second: 99
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Additional context

I was unable to find out what version of the storage API is running on my hosted instance, so I couldn't add that information. If you can tell me where to find this information, I can include it.

foysalit commented 2 years ago

Looks like this PR https://github.com/supabase/storage-api/pull/66 should have fixed it. If you could add some insight, I would attempt to patch further issues @thebengeu @inian

ffabss commented 2 years ago

I believe that the PR you linked only provided the solution for the S3 backend. Maybe the free/hosted version of Supabase does not use this backend and the used backend does not support this functionality. The only thing I can say for certain is that the problem still exists.