adutra commented on PR #15171: URL: https://github.com/apache/iceberg/pull/15171#issuecomment-4000160832
> > the headers we know are fluid/irrelevant have already been stripped out before submission to the rest signing service
>
> I don't agree with this. We're putting too much of the logic into the client and we should delegate the responsibility to the catalog.

I actually like @steveloughran's idea and implemented it. I think it's safer if we assume that 1) the client removes the headers it doesn't want signed and 2) the catalog signs all the headers that were sent. This also enables a simple and efficient caching algorithm, since the client is in control. If you want to delegate the responsibility of deciding which headers to sign to the catalog server – which is basically the case today, btw –, then the client will not be able to cache responses properly.

> For reference here's the [lakekeeper implementation](https://github.com/lakekeeper/lakekeeper/blob/main/crates/lakekeeper/src/server/s3_signer/sign.rs)

FWIW, I think this implementation is signing too many headers. E.g. it's signing `Keep-Alive` or `Referer`, but it shouldn't. cc @c-thiel.
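
The caching argument in the comment above, as an added Python example that is not part of the comment or of Iceberg's code: when the client strips unsigned headers itself, it can derive a cache key from exactly what it submits for signing. The `UNSIGNED_HEADERS` set, `SignerCache` and the `sign` callable are hypothetical names and values chosen for illustration.

```python
import hashlib

# Assumed, illustrative set of volatile headers the client drops before
# asking the catalog to sign; this is not Iceberg's actual list.
UNSIGNED_HEADERS = {"keep-alive", "referer", "connection", "user-agent"}


def headers_to_sign(headers):
    """Return the normalized headers the client submits for signing."""
    kept = {}
    for name, value in headers.items():
        key = name.strip().lower()
        if key in UNSIGNED_HEADERS:
            continue
        # Collapse whitespace so equivalent values compare equal.
        kept[key] = " ".join(value.split())
    return dict(sorted(kept.items()))


def cache_key(method, uri, headers):
    """Key derived only from what is actually sent to the signer."""
    digest = hashlib.sha256()
    for part in (method.upper(), uri):
        digest.update(part.encode() + b"\n")
    for name, value in headers_to_sign(headers).items():
        digest.update(f"{name}:{value}\n".encode())
    return digest.hexdigest()


class SignerCache:
    """Caches signer responses; `sign` stands in for the remote signing call."""

    def __init__(self, sign):
        self._sign = sign
        self._entries = {}
        self.remote_calls = 0

    def signed_headers(self, method, uri, headers):
        key = cache_key(method, uri, headers)
        if key not in self._entries:
            # Cache miss: the signer sees only the filtered header set.
            self.remote_calls += 1
            self._entries[key] = self._sign(
                method, uri, headers_to_sign(headers))
        return self._entries[key]
```

Two requests that differ only in stripped headers such as `Keep-Alive` or `Referer` map to the same key and reuse one signer response. Entry expiry is not modelled here.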
