Project

General

Profile

Actions

Bug #17598

closed

[keep-web] should be tolerant of superfluous :443's in the arvados config

Added by Ward Vandewege over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
-
Target version:
Story points:
-
Release relationship:
Auto

Description

With a config like this:

      WebDAVDownload:
        ExternalURL: https://download.xxxx1.arvadosapi.com:443

keep-web does a literal comparison of ExternalURL.Host with a http.Request.Host in `services/keep-web/handler.go` line 251, and the superfluous :443 in the config trips that up, which causes it to go into "turtle mode" and fall back to the anonymous token. In the normal (i.e. no anonymous access) case, that breaks all downloads with a 401, for example it makes viewing collection contents in WB2 fail.

keep-web should handle the special cases of :443 and :80 correctly. (also :https and :http)

two other lessons learned that need to be fixed:

  1. if AnonymousUserToken is empty, don't add it to 'tokens' in handler.go:349 (this is #17597)
  2. if a token was provided but not used (credentialsOK is false on line 295), it should log a warning saying that it is refusing to accept credentials, give some indication why, and (if applicable) indicate it will fall back to trying AnonymousUserToken

Subtasks 1 (0 open1 closed)

Task #17599: Review 17598-keep-web-urlResolvedPeter Amstutz04/29/2021Actions
Actions

Also available in: Atom PDF