Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signatures need to include the host header, but the requests library does not include it in prepared requests by default. Rather, it trusts that Python's HTTP client will compute and inject it when sending the request. This forces requests-aws4auth to compute how this header will look like. A slight discrepancy between the implementations is that the code in this library unconditionally skips the port, whereas the request ending up being sent will include a port if it does not match the URL scheme's default. This change adjusts the implementations to match in that regard. Fixes #34
- Loading branch information
1 parent
b47d298
commit 8e1417c
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -615,7 +615,15 @@ def get_canonical_headers(cls, req, include=None): | |
| # in the signed headers, but Requests doesn't include it in a | ||
| # PreparedRequest | ||
| if 'host' not in headers: | ||
| purl = urlparse(str(req.url)) | ||
| netloc = purl.netloc | ||
| # Python's http client only includes the port if it is non-default, | ||
| # see http.client.HTTPConnection.putrequest. The request URL, on the | ||
| # other hand, might explicitly include it. | ||
| if ((purl.port == 80 and purl.scheme == 'http') | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong. 
tedder
Owner
|
||
| or (purl.port == 443 and purl.scheme == 'https')): | ||
| netloc = netloc.rsplit(":", 1)[0] | ||
| headers['host'] = netloc | ||
| # Aggregate for upper/lowercase header name collisions in header names, | ||
| # AMZ requires values of colliding headers be concatenated into a | ||
| # single header with lowercase name. Although this is not possible with | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@phillipberndt This line of code literally broke the library for ports that are not 443/80...