Skip to content

Update Post Policy V4 Conformance Tests #3943

Closed
#3980
Closed
Update Post Policy V4 Conformance Tests#3943
#3980
Assignees
dopiera
Labels
api: storageIssues related to the Cloud Storage API.priority: p2Moderately-important priority. Fix may not be included in next release.type: bugError or flaw in code with unintended results or allowing sub-optimal usage patterns.
@frankyn

Description

@frankyn
frankyn
opened on Apr 25, 2020

The Storage library support for Post Policy V4 has a security risk that is addressed in the latest PR to Storage conformance tests: googleapis/conformance-tests#31

The fix is to add {\"bucket\":\"bucket-name\"} to Post Policy V4 policy which is then signed.

Here's an example solution in Ruby: googleapis/google-cloud-ruby#5803

@coryan can you help prioritize this?

Metadata

Metadata

Assignees

Labels

api: storageIssues related to the Cloud Storage API.priority: p2Moderately-important priority. Fix may not be included in next release.type: bugError or flaw in code with unintended results or allowing sub-optimal usage patterns.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions