Verify that x-amz-meta headers from s3 API cannot contain unescaped newlines or other control characters
(Total: 0.00 h)
Updated by Tom Clegg 9 months ago
- Status changed from New to In Progress
Go stdlib automatically replaces \r and \n in header values with spaces.
Updated keep-web to apply the optional mime-encoding instead for any values that contain control characters.
Added check for \r and \n in header keys as well (invalid keys properties are omitted from x-amz-meta headers, but this wasn't tested).
19249-header-ctrl-chars @ 831540fd5eedb6226996b5c72a86f2dba64cb196 -- developer-run-tests: #3226
retry wb1 developer-run-tests-apps-workbench-integration: #3467
Updated by Peter Amstutz 8 months ago
- Target version changed from 2022-07-20 to 2022-08-03 Sprint
Updated by Stephen Smith 8 months ago
This looks good, assuming the test failures are nothing serious / unrelated
Updated by Tom Clegg 8 months ago
- % Done changed from 0 to 100
- Status changed from In Progress to Resolved
Applied in changeset arvados|61d3aed1cd0286c7928167a84267c225938a37ec.
Updated by Peter Amstutz 3 months ago
- Release set to 47