AI/dify
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/langgenius/dify.git synced 2025-08-11 16:28:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix s3 presign url check problem, support two versions(v2,v4) (#9093)

Browse Source 
Co-authored-by: Yuanbo Li <ybalbert@amazon.com>
This commit is contained in:
ybalbert001 2024-10-09 10:23:21 +08:00 committed by GitHub
parent 0540995e5c
commit 57994e4a24
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 27 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
api/core/file/message_file_parser.py
View File

@ -198,16 +198,34 @@ class MessageFileParser:
if "amazonaws.com" not in parsed_url.netloc: if "amazonaws.com" not in parsed_url.netloc:
return False return False
query_params = parse_qs(parsed_url.query) query_params = parse_qs(parsed_url.query)
required_params = ["Signature", "Expires"]
for param in required_params: def check_presign_v2(query_params):
if param not in query_params: required_params = ["Signature", "Expires"]
for param in required_params:
if param not in query_params:
return False
if not query_params["Expires"][0].isdigit():
return False return False
if not query_params["Expires"][0].isdigit(): signature = query_params["Signature"][0]
return False if not re.match(r"^[A-Za-z0-9+/]+={0,2}$", signature):
signature = query_params["Signature"][0] return False
if not re.match(r"^[A-Za-z0-9+/]+={0,2}$", signature):
return False return True
return True
def check_presign_v4(query_params):
required_params = ["X-Amz-Signature", "X-Amz-Expires"]
for param in required_params:
if param not in query_params:
return False
if not query_params["X-Amz-Expires"][0].isdigit():
return False
signature = query_params["X-Amz-Signature"][0]
if not re.match(r"^[A-Za-z0-9+/]+={0,2}$", signature):
return False
return True
return check_presign_v4(query_params) or check_presign_v2(query_params)
except Exception: except Exception:
return False return False