fix: ignore signaturev2 for policy header check (#19551)

2026-02-04 18:00:15 -05:00 · 2024-04-20 00:45:54 +08:00
parent cd50e9b4bc
commit 9205434ed3
3 changed files with 6 additions and 2 deletions
--- a/cmd/postpolicyform.go
+++ b/cmd/postpolicyform.go
@@ -347,6 +347,11 @@ func checkPostPolicy(formValues http.Header, postPolicyForm PostPolicyForm) erro
 		}
 		delete(checkHeader, formCanonicalName)
 	}
+	// For SignV2 - Signature field will be ignored
+	// Policy is generated from Signature with other fields, so it should be ignored
+	if _, ok := formValues[xhttp.AmzSignatureV2]; ok {
+		delete(checkHeader, xhttp.AmzSignatureV2)
+	}

 	if len(checkHeader) != 0 {
 		logKeys := make([]string, 0, len(checkHeader))