Skip to content

AWS Signer 2.0.3

Choose a tag to compare

View all tags
@jakekarnes42 jakekarnes42 released this 20 May 16:09
· 9 commits to master since this release
2.0.3
8b12b8d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This releases fixes an issue with the signer's handling of the Host header. AWS Signer versions 2.0.0 - 2.0.2 would overwrite the host header if it differed from the value in the Target URL. This wasn't intentional functionality, rather the result of how the AWS Java SDK signed requests. This was reported in issue #33.

The update will now sign the request using the Host header's value, not the value in the target URL. If the host specified by the target URL and the host header match, there will be no observable difference. If these values differ, the request is still sent to the target URL, but the signature will reference the Host header's value.

This should better support use cases where the user is sending a request to a proxy, and then onto the AWS endpoint. The host header can contain the real AWS endpoint value, and the target URL can point to the proxy. When the proxy forwards the request to the real AWS endpoint's URL, the signature will be correct since it was based on the host header's value.

Assets 3
Loading