Bug 1502780 – radosgw refuses upload when Content-Type missing from POST policy

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1502780 - radosgw refuses upload when Content-Type missing from POST policy [NEEDINFO]

Summary:	radosgw refuses upload when Content-Type missing from POST policy

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat Ceph Storage
Classification:	Red Hat
Component:	RGW (Show other bugs)
Sub Component:
Version:	2.3
Hardware:	x86_64 Linux

Priority	high Severity high
Target Milestone:	rc
Target Release:	2.5
Assigned To:	Matt Benjamin (redhat)
QA Contact:	vidushi
Docs Contact:	Aron Gunn

URL:
Whiteboard:
Keywords:

Depends On:	1530775
Blocks:	1536401
	Show dependency tree / graph

Reported:	2017-10-16 12:46 EDT by Vikhyat Umrao
Modified:	2018-02-21 14:44 EST (History)
CC List:	12 users (show)

See Also:
Fixed In Version:	RHEL: ceph-10.2.10-9.el7cp Ubuntu: ceph_10.2.10-6redhat1xenial
Doc Type:	Bug Fix
Doc Text:	.The Ceph Object Gateway no longer refuses an S3 upload when the Content-Type field is missing When doing a Simple Storage Service (S3) upload, if the Content-Type field was missing from the policy part of the upload, then Ceph Object Gateway refused the upload with a 403 error: ---- Policy missing condition: Content-Type ---- With this update, the S3 POST policy does not require the Content-Type field.
Story Points:	---
Clone Of:
Clones:	1530775 (view as bug list)
Environment:
Last Closed:	2018-02-21 14:44:55 EST
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Flags:	agunn: needinfo? (mbenjamin)

Attachments	(Terms of Use)
rgw logs with debug_rgw=20 (27.32 KB, text/plain) 2017-10-16 12:46 EDT, Vikhyat Umrao	no flags	Details
ut-and-paste from the browser dev tools, showing the request headers and payload. (2.02 KB, text/plain) 2017-10-16 12:52 EDT, Vikhyat Umrao	no flags	Details
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	3242271	None	None	None	2017-11-15 15:40 EST
Ceph Project Bug Tracker	20201	None	None	None	2017-10-16 12:47 EDT
Red Hat Product Errata	RHBA-2018:0340	normal	SHIPPED_LIVE	Red Hat Ceph Storage 2.5 bug fix and enhancement update	2018-02-21 19:50:32 EST

Groups: None (edit)

Description Vikhyat Umrao 2017-10-16 12:46:19 EDT

Created attachment 1339390 [details]
rgw logs with debug_rgw=20

Description of problem:
radosgw refuses upload when Content-Type missing from POST policy

Upstream tracker: http://tracker.ceph.com/issues/20201


Version-Release number of selected component (if applicable):
jewel 10.2.7


How reproducible:
In the customer environment always 


When doing an S3 upload, if Content-Type is missing from the policy part of the upload, then radosgw refuses the upload with a 403 error, "Policy missing condition: Content-Type". The same upload to AWS S3 is successful, despite the Content-Type not being present in the uploaded policy. radosgw should accept this, for better interoperability.

Context: this was encountered when using Fine Uploader https://github.com/FineUploader/fine-uploader to get files into an S3 bucket. When a user tries to upload a file which the browser can't identify (because it has an unrecognized or missing filename extension) then the Content-Type is not added to the POST'ed policy.

Comment 2 Vikhyat Umrao 2017-10-16 12:52 EDT

Created attachment 1339391 [details]
ut-and-paste from the browser dev tools, showing the request headers and payload.

Comment 3 Vikhyat Umrao 2017-10-16 12:52:50 EDT

Attachments:

options-and-failing-post-20170531.txt is a radosgw debug = 20 log, showing the OPTIONS pre-flight call succeeding, and the POST failing at "env var missing in policy: Content-Type"

s3-upload-policy-missing-content-type-20170531.txt is cut-and-paste from the browser dev tools, showing the request headers and payload.

Where are you experiencing the behavior?  What environment?

We first encountered this on Ceph 10.2.3. Our Ceph is 10.2.7 (latest Ubuntu packaged version for Xenial).

Comment 4 Vikhyat Umrao 2017-11-01 16:00:14 EDT

Master branch PR - https://github.com/ceph/ceph/pull/18658

Comment 5 mamccoma 2017-11-14 09:50:21 EST

customer has confirmed this resolved their issue, and has also updated Upstream tracker stating this: http://tracker.ceph.com/issues/20201

Comment 7 Ken Dreyer (Red Hat) 2017-12-21 11:01:55 EST

This is not in v12.2.1 upstream so we need to track this for RHCEPH 3.0 now as well.

Comment 9 Ken Dreyer (Red Hat) 2018-01-03 13:55:51 EST

Would you please cherry-pick the change to ceph-3.0-rhel-patches (with the RHCEPH 3 clone ID number, "Resolves: rhbz#1530775") so customers do not experience a regression?

Comment 19 errata-xmlrpc 2018-02-21 14:44:55 EST

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0340

Note You need to log in before you can comment on or make changes to this bug.