rich7420 opened a new pull request, #10749:
URL: https://github.com/apache/ozone/pull/10749

   What changes were proposed in this pull request?
   
   The S3 Gateway reports an expired or out-of-range pre-signed URL as 400 
MalformedHeader. AWS S3 returns 403 AccessDenied for both. This maps only those 
two pre-signed expiry failures to 403 AccessDenied, leaving genuinely malformed 
signatures at 400.
   
   - MalformedResourceException gains an accessDenied
   - AuthorizationV4QueryParser.validateDateAndExpires() sets the flag for (a) 
an expired pre-signed URL and (b) an out-of-range
   X-Amz-Expires.
   - AWSSignatureProcessor maps the flag to ACCESS_DENIED (403) instead of 
MALFORMED_HEADER (400). It is the single catch site for
   MalformedResourceException, so all parsers route th
   
   What is the link to the Apache JIRA?
   
   https://issues.apache.org/jira/browse/HDDS-15851
   
   How was this patch tested?
   
   https://github.com/rich7420/ozone/actions/runs/29302072421


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to