不要传播对HTTP重定向头 [英] Do not propagate headers on HTTP redirects

问题描述

我托管在Amazon S3的文件，我想在我的应用程序处理后，下载它们。此应用程序的考虑需要对HTTP Authorization头继续。下面是该过程：

I have files hosted on Amazon S3, and I'd like to download them after a treatment in my app. This app view requires the HTTP Authorization header to proceed. Here is the process:

1. 查询视图 /文件/ XXX 所要求的批准请求头
2. 如果应用程序访问被允许，做一些治疗
3. 生成一个签名的S3 URL，并重定向到它

1. Query view /file/xxx with the required Authorization request header
2. If the app access is granted, does some treatment
3. Generate a signed S3 url, and redirect to it

事实上，请求头也被传播的重定向，并与Amazon的S3签名的冲突，我有以下错误信息：

The fact is that the request header is also propagated on the redirect, and is in conflict with Amazon's S3 signature, I have the following error message:

无论是签名的查询字符串参数或授权头应符合规定，不能同时使用

Either the Signature query string parameter or the Authorization header should be specified, not both

那么，有没有一种方法，不传播批准头S3？

So, is there a way to not propagate the Authorization header to S3 ?

请注意，我已经测试了所有 3XX HTTP codeS。先谢谢了。

Note that I have tested all 3xx HTTP codes. Thanks in advance.

推荐答案

这可能取决于你的客户端，例如参见：的 HTTPS：//$c$c.google.com/p/go/issues/detail ID = 4800

It may depend on your client, for example see: https://code.google.com/p/go/issues/detail?id=4800

这似乎卷曲并不会沿用默认情况下你的Authorization头。但我处理了类似的问题，我看到，默认情况下HTTP组件出现带着它。

It appears curl won't carry over your Authorization header by default. But I'm dealing with a similar issue and I see that by default http components appears to carry it.

这篇关于不要传播对HTTP重定向头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！