diff options
| author | Zettat123 <zettat123@gmail.com> | 2024-10-31 23:28:25 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-10-31 15:28:25 +0000 |
| commit | 0690cb076bf63f71988a709f62a9c04660b51a4f (patch) | |
| tree | 476e377eff422fd86c11c78f49b0ef3b7f3e9fc3 /routers/api/v1 | |
| parent | 810782302652d73c4f7249c4c3df8a7e85bae5f0 (diff) | |
| download | gitea-0690cb076bf63f71988a709f62a9c04660b51a4f.tar.gz gitea-0690cb076bf63f71988a709f62a9c04660b51a4f.zip | |
Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (#32365)
Fix #28121
I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.
https://github.com/go-gitea/gitea/blob/348d1d0f322ca57c459acd902f54821d687ca804/routers/api/packages/container/container.go#L712-L717
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.
https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
<img width="600px"
src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>
In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.
```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```
---
Most S3-like services support specifying the content type when storing
objects. However, Gitea always use `application/octet-stream`.
Therefore, I believe we also need to improve the `Save` method to
support storing objects with the correct content type.
https://github.com/go-gitea/gitea/blob/b7fb20e73e63b8edc9b90c52073e248bef428fcc/modules/storage/minio.go#L214-L221
Diffstat (limited to 'routers/api/v1')
| -rw-r--r-- | routers/api/v1/repo/file.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/routers/api/v1/repo/file.go b/routers/api/v1/repo/file.go index e335c29c70..97f7a49390 100644 --- a/routers/api/v1/repo/file.go +++ b/routers/api/v1/repo/file.go @@ -209,7 +209,7 @@ func GetRawFileOrLFS(ctx *context.APIContext) { if setting.LFS.Storage.ServeDirect() { // If we have a signed url (S3, object storage), redirect to this directly. - u, err := storage.LFS.URL(pointer.RelativePath(), blob.Name()) + u, err := storage.LFS.URL(pointer.RelativePath(), blob.Name(), nil) if u != nil && err == nil { ctx.Redirect(u.String()) return @@ -334,7 +334,7 @@ func download(ctx *context.APIContext, archiveName string, archiver *repo_model. rPath := archiver.RelativePath() if setting.RepoArchive.Storage.ServeDirect() { // If we have a signed url (S3, object storage), redirect to this directly. - u, err := storage.RepoArchives.URL(rPath, downloadName) + u, err := storage.RepoArchives.URL(rPath, downloadName, nil) if u != nil && err == nil { ctx.Redirect(u.String()) return |