Incorrect handling of conditions. Tracing is not detailed. about minio HOT 21 CLOSED

Have you solved the issue? @bartwork
No, the problem is not solved yet.

@bartwork Have you add the fileds Awsaccesskeyid and Signature into policy conditions ?

from minio.

谢谢!

@bartwork You're welcome.

from minio.

Please share the code.

from minio.

The editor JS-code has been minified. But I can look for it. Are the queries generated by the editor not enough? Are the queries generated by the editor not enough? It works fine on another S3 service, but not on minio. Is there any way to get more detailed information about the error, except mc admin trace -v minioserver?

from minio.

No sir we need a reproducible code, it cannot be just random.

POST /sy seems wrong there can never be bucket name as /sy

from minio.

POST /sy seems wrong there can never be bucket name as /sy
The bucket was hidden. Here is an example of requests and policy.
The problem is the conditions. But the form conditions are described and work fine on another S3 service.

from minio.

The signature field looks like is wrong it must be Signature not signature

from minio.

The signature field looks like is wrong it must be Signature not signature
Changing to Signature didn't help.

from minio.

Is there an opportunity to somehow find out in more detail which condition the minio doesn’t like? Except mc admin trace -v minioserver

from minio.

Just set the error information keys to condition.

from minio.

https://github.com/minio/minio/pull/18074/files you can see the cmd/post-policy_test.go diff

from minio.

Thanks! Only, is it possible if I display errors in the source code and rebuild the Minio from the source code? Minio doesn't have such logs?

from minio.

@harshavardhana cc

from minio.

Thanks! Only, is it possible if I display errors in the source code and rebuild the Minio from the source code? Minio doesn't have such logs?

No plan for this. Thanks.

from minio.

The signature field looks like is wrong it must be Signature not signature
Changing to Signature didn't help.

@jiuker, the issue is still present. We can give a source log that adds some more conditions and provides more context for debugging this problem.

from minio.

Thanks! Only, is it possible if I display errors in the source code and rebuild the Minio from the source code? Minio doesn't have such logs?

Have you solved the issue? @bartwork

from minio.

@jiuker, the issue is still present. We can give a source log that adds some more conditions and provides more context for debugging this problem.
Yes, it would be nice. I'll show you the debugging if you send me the tool for this.

from minio.

Have you solved the issue? @bartwork
No, the problem is not solved yet.

from minio.

@bartwork Have you add the fileds Awsaccesskeyid and Signature into policy conditions ?
Thank you very much! Adding these fields to the condition solved the problem with the Minio.

['starts-with', '$signature', ''],
['starts-with', '$awsaccesskeyid', ''],

Interesting - but YandexCloud S3 gives an error for these conditions. But I will solve this with different policies for services.

Thank you! @jiuker 谢谢! Problem solved.

from minio.

Interesting - but YandexCloud S3 gives an error for these conditions. But I will solve this with different policies for services.

That looks like an incorrect implementation. AWS S3 mandates sending Awsaccesskeyid along with a signature; otherwise, there is no way to know which user the request is for.

from minio.

That looks like an incorrect implementation. AWS S3 mandates sending Awsaccesskeyid along with a signature; otherwise, there is no way to know which user the request is for.
Yes, it looks like it. The main problem with the Minio has been solved. Thank you! 🤝

from minio.