File tree 2 files changed +23
-0
lines changed
packages/s3-request-presigner/src
2 files changed +23
-0
lines changed Original file line number Diff line number Diff line change @@ -111,4 +111,25 @@ describe("getSignedUrl", () => {
111111 const commands = [ command , command ] ;
112112 return expect ( Promise . all ( commands . map ( ( command ) => getSignedUrl ( client , command ) ) ) ) . resolves . toBeInstanceOf ( Array ) ;
113113 } ) ;
114+
115+ it . each ( [ "amz-sdk-invocation-id" , "amz-sdk-request" , "x-amz-user-agent" ] ) (
116+ "should delete '%s' header" ,
117+ async ( header ) => {
118+ const client = new S3Client ( clientParams ) ;
119+ const command = new GetObjectCommand ( {
120+ Bucket : "Bucket" ,
121+ Key : "Key" ,
122+ } ) ;
123+ command . middlewareStack . add (
124+ ( next ) => ( args ) => {
125+ ( args . request ?? { } ) [ header ] = "foo" ;
126+ return next ( args ) ;
127+ } ,
128+ { step : "serialize" , priority : "low" }
129+ ) ;
130+ await getSignedUrl ( client , command ) ;
131+ expect ( mockPresign ) . toBeCalled ( ) ;
132+ expect ( mockPresign . mock . calls [ 0 ] [ 0 ] . headers [ header ] ) . toBeUndefined ( ) ;
133+ }
134+ ) ;
114135} ) ;
Original file line number Diff line number Diff line change @@ -24,6 +24,8 @@ export const getSignedUrl = async <
2424 // Retry information headers are not meaningful in presigned URLs
2525 delete request . headers [ "amz-sdk-invocation-id" ] ;
2626 delete request . headers [ "amz-sdk-request" ] ;
27+ // User agent header would leak sensitive information
28+ delete request . headers [ "x-amz-user-agent" ] ;
2729
2830 const presigned = await s3Presigner . presign ( request , {
2931 ...options ,
You can’t perform that action at this time.
0 commit comments