Issues

ZF-10122: Amazon S3 signature creation does not take parameter input into account

Description

The recommended way to change ACL permissions is to use PUT on the url bucketname/objectname?acl

using S3->_makeRequest('PUT') with the query variable in the $params array causes amazon to return a 403 signature not valid. This seems to be because of this line in the makeRequest function: self::addSignature($method, $path, $headers);

the signature creation only uses $path, ignoring $params

manually patching the $path with "?acl" appears to work.

Comments

This basically prevents you from using any amazon feature that requires a ?something query variable on a private object. I'm also hitting this issue with listing all versions of an object.

simply appending the query string to the $path variable results in an error "is not a valid HTTP path"

Fixed on trunk (commit 24053). I added the fix reported in ZF-10218.

Resolved in branches/release-1.11 (commit 24054)