Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Compute host header correctly #63

Merged
merged 1 commit into from Jan 20, 2023
Merged

Compute host header correctly #63

merged 1 commit into from Jan 20, 2023

Conversation

phillipberndt
Copy link
Contributor

Signatures need to include the host header, but the requests library does not include it in prepared requests by default. Rather, it trusts that Python's HTTP client will compute and inject it when sending the request. This forces requests-aws4auth to compute how this header will look like.

A slight discrepancy between the implementations is that the code in this library unconditionally skips the port, whereas the request ending up being sent will include a port if it does not match the URL scheme's default.

This change adjusts the implementations to match in that regard.

Fixes #34

# Python's http client only includes the port if it is non-default,
# see http.client.HTTPConnection.putrequest. The request URL, on the
# other hand, might explicitly include it.
if (purl.port is not None
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checking if purl.netloc contains : may seem more natural here at first sight, but technically, the host could be an IPv6 address. That's why I rather check port here. I verified that both Python 2 and 3 return None here if no port is given in req.url, and an integer otherwise.

@phillipberndt
Copy link
Contributor Author

Reworked the code a bit to drop the needless extra comparison of port to None.

Signatures need to include the host header, but the requests library
does not include it in prepared requests by default. Rather, it trusts
that Python's HTTP client will compute and inject it when sending the
request. This forces requests-aws4auth to compute how this header will
look like.

A slight discrepancy between the implementations is that the code in
this library unconditionally skips the port, whereas the request ending
up being sent will include a port if it does not match the URL scheme's
default.

This change adjusts the implementations to match in that regard.

Fixes tedder#34
@tedder
Copy link
Owner

tedder commented Jan 20, 2023

thanks- appreciate the comments as well.

@tedder tedder merged commit 8e1417c into tedder:main Jan 20, 2023
tedder added a commit that referenced this pull request Jan 20, 2023
tedder added a commit that referenced this pull request Feb 3, 2023
This reverts commit 8e1417c.

Fixing #34 and #63 caused a regression bug.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Port numbers are required if the port number is not 80/443
2 participants