1502780 – radosgw refuses upload when Content-Type missing from POST policy

Bug 1502780 - radosgw refuses upload when Content-Type missing from POST policy

Summary: radosgw refuses upload when Content-Type missing from POST policy

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	RGW
Sub Component:
Version:	2.3
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	2.5
Assignee:	Matt Benjamin (redhat)
QA Contact:	Vidushi Mishra
Docs Contact:	Aron Gunn
URL:
Whiteboard:
Depends On:	1530775
Blocks:	1536401
TreeView+	depends on / blocked

Reported:	2017-10-16 16:46 UTC by Vikhyat Umrao
Modified:	2023-09-14 04:10 UTC (History)
CC List:	12 users (show)
Fixed In Version:	RHEL: ceph-10.2.10-9.el7cp Ubuntu: ceph_10.2.10-6redhat1xenial
Doc Type:	Bug Fix
Doc Text:	.The Ceph Object Gateway no longer refuses an S3 upload when the Content-Type field is missing When doing a Simple Storage Service (S3) upload, if the Content-Type field was missing from the policy part of the upload, then Ceph Object Gateway refused the upload with a 403 error: ---- Policy missing condition: Content-Type ---- With this update, the S3 POST policy does not require the Content-Type field.
Clone Of:
Clones:	1530775 (view as bug list)
Environment:
Last Closed:	2018-02-21 19:44:55 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
rgw logs with debug_rgw=20 (27.32 KB, text/plain) 2017-10-16 16:46 UTC, Vikhyat Umrao	no flags	Details
ut-and-paste from the browser dev tools, showing the request headers and payload. (2.02 KB, text/plain) 2017-10-16 16:52 UTC, Vikhyat Umrao	no flags	Details
View All

Links
System	ID	Priority	Status	Summary	Last Updated
Ceph Project Bug Tracker	20201	None	None	None	2017-10-16 16:47:41 UTC
Red Hat Knowledge Base (Solution)	3242271	None	None	None	2017-11-15 20:40:54 UTC
Red Hat Product Errata	RHBA-2018:0340	normal	SHIPPED_LIVE	Red Hat Ceph Storage 2.5 bug fix and enhancement update	2018-02-22 00:50:32 UTC

Description Vikhyat Umrao 2017-10-16 16:46:19 UTC

Created attachment 1339390 [details]
rgw logs with debug_rgw=20

Description of problem:
radosgw refuses upload when Content-Type missing from POST policy

Upstream tracker: http://tracker.ceph.com/issues/20201


Version-Release number of selected component (if applicable):
jewel 10.2.7


How reproducible:
In the customer environment always 


When doing an S3 upload, if Content-Type is missing from the policy part of the upload, then radosgw refuses the upload with a 403 error, "Policy missing condition: Content-Type". The same upload to AWS S3 is successful, despite the Content-Type not being present in the uploaded policy. radosgw should accept this, for better interoperability.

Context: this was encountered when using Fine Uploader https://github.com/FineUploader/fine-uploader to get files into an S3 bucket. When a user tries to upload a file which the browser can't identify (because it has an unrecognized or missing filename extension) then the Content-Type is not added to the POST'ed policy.

Comment 2 Vikhyat Umrao 2017-10-16 16:52:04 UTC

Created attachment 1339391 [details]
ut-and-paste from the browser dev tools, showing the request headers and payload.

Comment 3 Vikhyat Umrao 2017-10-16 16:52:50 UTC

Attachments:

options-and-failing-post-20170531.txt is a radosgw debug = 20 log, showing the OPTIONS pre-flight call succeeding, and the POST failing at "env var missing in policy: Content-Type"

s3-upload-policy-missing-content-type-20170531.txt is cut-and-paste from the browser dev tools, showing the request headers and payload.

Where are you experiencing the behavior?  What environment?

We first encountered this on Ceph 10.2.3. Our Ceph is 10.2.7 (latest Ubuntu packaged version for Xenial).

Comment 4 Vikhyat Umrao 2017-11-01 20:00:14 UTC

Master branch PR - https://github.com/ceph/ceph/pull/18658

Comment 5 mamccoma 2017-11-14 14:50:21 UTC

customer has confirmed this resolved their issue, and has also updated Upstream tracker stating this: http://tracker.ceph.com/issues/20201

Comment 7 Ken Dreyer (Red Hat) 2017-12-21 16:01:55 UTC

This is not in v12.2.1 upstream so we need to track this for RHCEPH 3.0 now as well.

Comment 9 Ken Dreyer (Red Hat) 2018-01-03 18:55:51 UTC

Would you please cherry-pick the change to ceph-3.0-rhel-patches (with the RHCEPH 3 clone ID number, "Resolves: rhbz#1530775") so customers do not experience a regression?

Comment 19 errata-xmlrpc 2018-02-21 19:44:55 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0340

Comment 20 Red Hat Bugzilla 2023-09-14 04:10:09 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days

Note You need to log in before you can comment on or make changes to this bug.