|Anonymous | Login||08-09-2020 03:15 UTC|
|Main | My View | View Issues | Change Log | Docs|
|Viewing Issue Simple Details [ Jump to Notes ]||[ View Advanced ] [ Issue History ] [ Print ]|
|ID||Category||Severity||Reproducibility||Date Submitted||Last Update|
|0007375||[Squeak] Network||minor||always||08-05-09 15:28||08-05-09 15:28|
|Summary||0007375: HTTPSocket GET appends default port number 80 to Host: argument, causing failure of some signed requests|
As of August 2009 Amazon Web Services is switching to requiring signatures in requests. The signatures are calculated on the basis of all parameters in the request, including the request time and the host address.
Because the signature is generated using the unqualified form of the host (e.g., ecs.amazonaws.com), but HTTPSocket>>httpGetDocument:args:accept:request: adds the port number to the host address even in the case of default port 80, all signed requests are rejected.
The port specifier is optional, but omitting it for port 80 is evidently standard practice for HTTP clients.
The problem appears to be fixed by replacing
'Host: ', serverName, ':', port printString, CrLf.
'Host: ', serverName,
(port = self defaultPort ifTrue: [ '' ] ifFalse: [ ':', port printString ]), CrLf.
|There are no notes attached to this issue.|
|08-05-09 15:28||aran||New Issue|
|08-05-09 15:28||aran||Status||new => assigned|
|08-05-09 15:28||aran||Assigned To||=> cdegroot|
| Mantis 1.0.8[^]
Copyright © 2000 - 2007 Mantis Group
30 total queries executed.|
27 unique queries executed.