gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix listing objects (#7008)

Browse Source 
* fix listing objects

* add more list testing

* address comments

* fix next marker

* fix isTruncated in listing

* fix tests

* address tests

* Update s3api_object_handlers_multipart.go

* fixes

* store json into bucket content, for tagging and cors

* switch bucket metadata from json to proto

* fix

* Update s3api_bucket_config.go

* fix test issue

* fix test_bucket_listv2_delimiter_prefix

* Update cors.go

* skip special characters

* passing listing

* fix test_bucket_list_delimiter_prefix

* ok. fix the xsd generated go code now

* fix cors tests

* fix test

* fix test_bucket_list_unordered and test_bucket_listv2_unordered

do not accept the allow-unordered and delimiter parameter combination

* fix test_bucket_list_objects_anonymous and test_bucket_listv2_objects_anonymous

The tests test_bucket_list_objects_anonymous and test_bucket_listv2_objects_anonymous were failing because they try to set bucket ACL to public-read, but SeaweedFS only supported private ACL.

Updated PutBucketAclHandler to use the existing ExtractAcl function which already supports all standard S3 canned ACLs
Replaced the hardcoded check for only private ACL with proper ACL parsing that handles public-read, public-read-write, authenticated-read, bucket-owner-read, bucket-owner-full-control, etc.
Added unit tests to verify all standard canned ACLs are accepted

* fix list unordered

The test is expecting the error code to be InvalidArgument instead of InvalidRequest

* allow anonymous listing( and head, get)

* fix test_bucket_list_maxkeys_invalid

Invalid values: max-keys=blah → Returns ErrInvalidMaxKeys (HTTP 400)

* updating IsPublicRead when parsing acl

* more logs

* CORS Test Fix

* fix test_bucket_list_return_data

* default to private

* fix test_bucket_list_delimiter_not_skip_special

* default no acl

* add debug logging

* more logs

* use basic http client

remove logs also

* fixes

* debug

* Update stats.go

* debugging

* fix anonymous test expectation

anonymous user can read, as configured in s3 json.
This commit is contained in:
Chris Lu
2025-07-22 01:07:15 -07:00
committed by GitHub
parent 632029fd8b
commit 33b9017b48
28 changed files with 2150 additions and 708 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
weed/s3api/s3err/error_handler.go
View File

@@ -78,24 +78,33 @@ func setCommonHeaders(w http.ResponseWriter, r *http.Request) {
w.Header().Set("x-amz-request-id", fmt.Sprintf("%d", time.Now().UnixNano()))
w.Header().Set("Accept-Ranges", "bytes")
// Only set static CORS headers for service-level requests, not bucket-specific requests
// Handle CORS headers for requests with Origin header
if r.Header.Get("Origin") != "" {
// Use mux.Vars to detect bucket-specific requests more reliably
vars := mux.Vars(r)
bucket := vars["bucket"]
isBucketRequest := bucket != ""
// Only apply static CORS headers if this is NOT a bucket-specific request
// and no bucket-specific CORS headers were already set
if !isBucketRequest && w.Header().Get("Access-Control-Allow-Origin") == "" {
// This is a service-level request (like OPTIONS /), apply static CORS
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "*")
w.Header().Set("Access-Control-Allow-Headers", "*")
w.Header().Set("Access-Control-Expose-Headers", "*")
w.Header().Set("Access-Control-Allow-Credentials", "true")
if !isBucketRequest {
// Service-level request (like OPTIONS /) - apply static CORS if none set
if w.Header().Get("Access-Control-Allow-Origin") == "" {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "*")
w.Header().Set("Access-Control-Allow-Headers", "*")
w.Header().Set("Access-Control-Expose-Headers", "*")
w.Header().Set("Access-Control-Allow-Credentials", "true")
}
} else {
// Bucket-specific request - preserve existing CORS headers or set default
// This handles cases where CORS middleware set headers but auth failed
if w.Header().Get("Access-Control-Allow-Origin") == "" {
// No CORS headers were set by middleware, so this request doesn't match any CORS rule
// According to CORS spec, we should not set CORS headers for non-matching requests
// However, if the bucket has CORS config but request doesn't match,
// we still should not set headers here as it would be incorrect
}
// If CORS headers were already set by middleware, preserve them
}
// For bucket-specific requests, let the CORS middleware handle the headers
}
}