Parameter escaping fix for auth_path generation in boto.s3.connection.generate_url #646

Closed
wants to merge 2 commits into
from
Jump to file or symbol
Failed to load files and symbols.
+7 −1
Split
View
@@ -305,7 +305,7 @@ def generate_url(self, expires_in, method, bucket='', key='', headers=None,
# Arguments to override response headers become part of the canonical
# string to be signed.
if response_headers:
- response_hdrs = ["%s=%s" % (k, v) for k, v in
+ response_hdrs = ["%s=%s" % (k, urllib.quote(v)) for k, v in
response_headers.items()]
delimiter = '?' if '?' not in auth_path else '&'
auth_path = "%s%s" % (auth_path, delimiter)
@@ -72,6 +72,12 @@ def test_1_basic(self):
file = urllib.urlopen(url)
rh = {'response-content-disposition': 'attachment; filename="foo.txt"'}
url = k.generate_url(60, response_headers=rh)
+ file = urllib.urlopen(url)
+ assert s1 == file.read(), 'invalid URL %s' % url
+ #test whether amperands and to-be-escaped characters work in header filename
+ rh = {'response-content-disposition': 'attachment; filename="foo&z%20ar&ar&zar&bar.txt"'}
+ url = k.generate_url(60, response_headers=rh)
+ file = urllib.urlopen(url)
assert s1 == file.read(), 'invalid URL %s' % url
bucket.delete_key(k)
# test a few variations on get_all_keys - first load some data