Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add setting to disable signed URLs for GCS uniform buckets #952

Merged
merged 3 commits into from Nov 16, 2020
Merged

Add setting to disable signed URLs for GCS uniform buckets #952

merged 3 commits into from Nov 16, 2020

Conversation

mands
Copy link
Contributor

@mands mands commented Nov 10, 2020

Rebased version of existing PR by @dulacp in #910 that fixes merge conflict and should pass CI tests.

As per docs in #910

To support Uniform permissions buckets on Google Cloud Storage, we need to keep GS_DEFAULT_ACL to None, but it forces each url to be signed, which is useless since the uniform permission is usually meant to give world read access. This new parameter solves this use case reported in #783, #846 and #909.

dulacp and others added 3 commits November 10, 2020 20:29
@dulacp @mands
Add a new GS_QUERYSTRING_AUTH param to avoid signing urls
221055b 
To support Uniform permissions buckets on Google Cloud Storage, we need to keep `GS_DEFAULT_ACL` to `None`, but it forces each url to be signed, which is useless since the uniform permission is usually meant to give world read access. This new parameter solves this use case reported in jschneier#783, jschneier#846 and jschneier#909
@dulacp @mands
Add documentation for the new parameter GS_QUERYSTRING_AUTH
c2fef0d
@mands
Minor logic refactor to no_signed_url
08ab782
@mands mands mentioned this pull request Nov 10, 2020
Closed
@jschneier
Copy link
Owner

Looks great. Thanks.

@jschneier jschneier merged commit bf30e29 into jschneier:master Nov 16, 2020
@jschneier jschneier mentioned this pull request Nov 16, 2020
Closed
@mands mands deleted the fix-gcs-uniform-buckets branch November 17, 2020 14:58
@mands mands restored the fix-gcs-uniform-buckets branch November 17, 2020 14:58
@mands mands deleted the fix-gcs-uniform-buckets branch January 17, 2021 13:27
mlazowik pushed a commit to qedsoftware/django-storages that referenced this pull request Mar 9, 2022
@mands @dulacp @mlazowik
Add setting to disable signed URLs for GCS uniform buckets (jschneier…
b7906cb 
…#952)

* Add a new GS_QUERYSTRING_AUTH param to avoid signing urls

To support Uniform permissions buckets on Google Cloud Storage, we need to keep `GS_DEFAULT_ACL` to `None`, but it forces each url to be signed, which is useless since the uniform permission is usually meant to give world read access. This new parameter solves this use case reported in jschneier#783, jschneier#846 and jschneier#909

* Add documentation for the new parameter GS_QUERYSTRING_AUTH

* Minor logic refactor to no_signed_url

Co-authored-by: Pierre Dulac <dulacpier@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mands @jschneier @dulacp