fix(uploader): reject filenames with characters that break upload signature#406
fix(uploader): reject filenames with characters that break upload signature#406tylere wants to merge 2 commits into
Conversation
…ure check The storage proxy verifies each upload's SigV4 signature, but its verification mismatches on !, ', (, ), and * in the object key (the browser's encodeURIComponent leaves them un-escaped), surfacing as a cryptic "Error: signature mismatch" deep inside the upload. Reject these up front in the queue with an actionable error instead of attempting — and failing — the upload. Closes #405 Co-authored-by: Tyler Erickson <tylere@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
@claude incorporate the last comment |
|
Claude finished @tylere's task in 6m 23s —— View job Done ✅Incorporated your feedback from the last comment:
Answering directly: no, the error messages don't disappear on their own — they stay until the item is removed from the queue. Now you can click the new dismiss (✕) icon next to the retry icon on any errored file to clear it immediately. One thing I noticed but did not change: the character check runs against the full upload key (folder path + filename), not just the filename. If an existing folder's name happens to contain a space, uploads into it will still be rejected with a message that says "in filename" even though the space is in the folder name. That upload would have failed with the old cryptic signature error either way (SigV4 signs the whole path), so this isn't a new regression — just imprecise wording in an edge case. Flagging it in case it's worth a follow-up. Couldn't run |
…errors Spaces trigger the same storage-proxy signature mismatch as !'()* — reject them up front too. Also add a per-item dismiss control in the file listing so an errored upload's message doesn't stay stuck forever with no way to clear it (the only prior clear-errors control lives in a notification widget that hides itself once nothing is actively uploading). Co-authored-by: Tyler Erickson <tylere@users.noreply.github.com>
There was a problem hiding this comment.
There's some thought in us guiding towards uploads-best-practices on the frontend (#288) but I think this is a legitimate bug that should be fixed on data.source.coop
UPDATE: This has been fixed by source-cooperative/data.source.coop#176

Summary
!,',(,), or*fails with a cryptic "Error: signature mismatch". The storage proxy's SigV4 signature verification doesn't handle those characters the way S3 does (an external service, outside this repo, so the signing bug itself can't be fixed here).UploadQueueManager.process()now marks any queued item whose key contains those characters aserrorwith an explanatory message. Both upload entry points (drag-and-drop and the file picker) funnel through this same queue, so the check applies uniformly.Test plan
upload-queue-manager.test.tscovering the rejection and the unaffected happy path.npm test/npm run lintin this sandbox (nonode_modules, no permission to install dependencies) - please run before merging.Closes #405
Generated with Claude Code