问题
I am using Django and S3Boto and whenever a signature has a '+' sign in it, I get a 403 Forbidden. If there is no '+' sign in the signature, I get the resource just fine. What could be wrong here?
UPDATE:
The repo is at : https://github.com/boto/boto
the files concerned are:
boto/utils.py
boto/s3/connection.py
NOTE: I am quite new to Python. I tried modifying the code but I still can't get the encoding done properly.
回答1:
In a nutshell, the problem is not in S3Boto but in some call to "unquote" that happens later on the url.
I answered a similar question here:
Inconsistent SignatureDoesNotMatch Amazon S3 with django-pipeline, s3boto and storages
Please check out my solution there.
回答2:
I'm a little short on time (as it's 1:30am) so unfortunately I do not have a code sample for you yet, but I believe this is because the value + in a URL should be encoded. So from github, your url of...
https://s3.amazonaws.com/dragonflysco/static/js/plugins/blockui.js?Signature=+tahbTacs5Vkzt5jQ+hZULzGPhE=&Expires=1345019173&AWSAccessKeyId=AKIAJNCPYIZVZXKOPCHA
should really be
https://s3.amazonaws.com/dragonflysco/static/js/plugins/blockui.js?Signature=%2BtahbTacs5Vkzt5jQ+hZULzGPhE=&Expires=1345019173&AWSAccessKeyId=AKIAJNCPYIZVZXKOPCHA
(Note: I replaced the + with %2B)
See http://www.w3schools.com/tags/ref_urlencode.asp
To fix the code, I would add an URLEncoding function where it builds the URL query string.
回答3:
I just committed what I hope will be a fix for this issue in boto. See https://github.com/boto/boto/commit/a01a5d1a1e88f79ed5db52639d3674d9eb5e45dc. Please let me know if this takes care of the problem.
来源:https://stackoverflow.com/questions/12006894/amazon-s3-python-s3boto-403-forbidden-when-signature-has-sign