Skip to content

Commit 6cc5f8a

Browse files
tseavertseaver
committed
fix: ensure URI quoting of resource path
1 parent 799bb01 commit 6cc5f8a

File tree

2 files changed

+9
-4
lines changed

2 files changed

+9
-4
lines changed

β€Žgoogle/cloud/storage/_signing.pyβ€Ž

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -586,9 +586,11 @@ def generate_signed_url_v4(
586586
ordered_query_parameters = sorted(query_parameters.items())
587587
canonical_query_string = six.moves.urllib.parse.urlencode(ordered_query_parameters)
588588

589+
quoted_resource = six.moves.urllib.parse.quote(resource)
590+
589591
canonical_elements = [
590592
method,
591-
resource,
593+
quoted_resource,
592594
canonical_query_string,
593595
canonical_header_string,
594596
signed_headers,
@@ -617,7 +619,7 @@ def generate_signed_url_v4(
617619
signature = binascii.hexlify(signature_bytes).decode("ascii")
618620

619621
return "{}{}?{}&X-Goog-Signature={}".format(
620-
api_access_endpoint, resource, canonical_query_string, signature
622+
api_access_endpoint, quoted_resource, canonical_query_string, signature
621623
)
622624

623625

β€Žtests/unit/test__signing.pyβ€Ž

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -544,9 +544,9 @@ def _generate_helper(
544544
generation=None,
545545
headers=None,
546546
query_parameters=None,
547+
resource="/name/path",
547548
):
548549
now = datetime.datetime(2019, 2, 26, 19, 53, 27)
549-
resource = "/name/path"
550550
signer_email = "service@example.com"
551551
credentials = _make_credentials(signer_email=signer_email)
552552
credentials.sign_bytes.return_value = b"DEADBEEF"
@@ -577,7 +577,7 @@ def _generate_helper(
577577
)
578578
self.assertEqual(scheme, expected_scheme)
579579
self.assertEqual(netloc, expected_netloc)
580-
self.assertEqual(path, resource)
580+
self.assertEqual(path, six.moves.urllib.parse.quote(resource))
581581
self.assertEqual(frag, "")
582582

583583
# Check the URL parameters.
@@ -656,6 +656,9 @@ def test_w_custom_query_parameters_w_string_value(self):
656656
def test_w_custom_query_parameters_w_none_value(self):
657657
self._generate_helper(query_parameters={"qux": None})
658658

659+
def test_w_non_ascii_resource(self):
660+
self._generate_helper(resource="/name/p\xe5th")
661+
659662
def test_with_access_token(self):
660663
resource = "/name/path"
661664
signer_email = "service@example.com"

0 commit comments

Comments
 (0)