BUG: aws4fetch.authHeader excluding "content-length" and "content-type"

Question

BUG: aws4fetch.authHeader excluding "content-length" and "content-type"

Closed this issue a year ago · 1 comments

Hi

with AWS "@aws-sdk/client-s3": "3.321.1", the client signs the 'content-length' when targeting a custom endpoint. However, aws4fetch explicitly masks these out when generating a signature and so I cannot get them to match.

Here is the authorization header as sent by amazon's client:

AWS4-HMAC-SHA256 Credential=05ce8c0cb2aac98b3e7cb0f28ad964bd/20230513/us-west-2/s3/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-user-agent, Signature=433974ad26ee6294252724cf9e9ec5e03568c0167b1da6c76ee092a538fec832

The bug is that aws4fetch.authHeader should sign all headers I tell it to.

Answer 1 · 2023-05-13T09:26:18.000Z

Oh sorry, I missed the allHeaders option!