johanels/rclone
1
0
Fork 0
mirror of https://github.com/rclone/rclone.git synced 2025-12-11 22:14:05 +01:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
Files
bc8f0208aabebbe5cdc4d574954365574c9bdf9d
rclone/lib/rest
History
Nick Craig-Wood bc8f0208aa rest: Remove auth headers on HTTP redirect 
Before this change the rest package would forward all the headers on
an HTTP redirect, including the Authorization: header.  This caused
problems when forwarded to a signed S3 URL ("Only one auth mechanism
allowed") as well as being a potential security risk.

After we use the go1.8+ mechanism for doing this instead of using our
own which does it correctly removing the Authorization: header when
redirecting to a different host.

This hasn't fixed the behaviour for rclone compiled with go1.7.

Fixes #2635
2018-10-11 21:20:33 +01:00
..
rest_header_reset_go17.go
rest: Remove auth headers on HTTP redirect
2018-10-11 21:20:33 +01:00
rest_header_reset.go
rest: Remove auth headers on HTTP redirect
2018-10-11 21:20:33 +01:00
rest.go
rest: Remove auth headers on HTTP redirect
2018-10-11 21:20:33 +01:00
url_test.go
Move dircache, oauthutil, rest and pacer modules into lib
2018-01-12 17:07:38 +00:00
url.go
Move dircache, oauthutil, rest and pacer modules into lib
2018-01-12 17:07:38 +00:00