diff --git a/gems/aws-sigv4/CHANGELOG.md b/gems/aws-sigv4/CHANGELOG.md index bf1132754da..ea5e2c5eda3 100644 --- a/gems/aws-sigv4/CHANGELOG.md +++ b/gems/aws-sigv4/CHANGELOG.md @@ -1,6 +1,8 @@ Unreleased Changes ------------------ +* Issue - Don't overwrite `host` header in sigv4 signer if given. + 1.2.0 (2020-06-17) ------------------ diff --git a/gems/aws-sigv4/lib/aws-sigv4/signer.rb b/gems/aws-sigv4/lib/aws-sigv4/signer.rb index 78f01a6db55..799d1398adf 100644 --- a/gems/aws-sigv4/lib/aws-sigv4/signer.rb +++ b/gems/aws-sigv4/lib/aws-sigv4/signer.rb @@ -219,7 +219,7 @@ def sign_request(request) content_sha256 ||= sha256_hexdigest(request[:body] || '') sigv4_headers = {} - sigv4_headers['host'] = host(url) + sigv4_headers['host'] = headers['host'] || host(url) sigv4_headers['x-amz-date'] = datetime sigv4_headers['x-amz-security-token'] = creds.session_token if creds.session_token sigv4_headers['x-amz-content-sha256'] ||= content_sha256 if @apply_checksum_header @@ -376,7 +376,7 @@ def presign_url(options) url = extract_url(options) headers = downcase_headers(options[:headers]) - headers['host'] = host(url) + headers['host'] ||= host(url) datetime = headers['x-amz-date'] datetime ||= (options[:time] || Time.now).utc.strftime("%Y%m%dT%H%M%SZ") diff --git a/gems/aws-sigv4/spec/signer_spec.rb b/gems/aws-sigv4/spec/signer_spec.rb index 96d5549fbcb..9d4640e699c 100644 --- a/gems/aws-sigv4/spec/signer_spec.rb +++ b/gems/aws-sigv4/spec/signer_spec.rb @@ -144,6 +144,16 @@ module Sigv4 expect(signature.headers['host']).to eq('domain.com') end + context 'when a Host header is provided' do + it 'uses the provided Host header' do + signature = Signer.new(options).sign_request( + request.merge(headers: { 'host' => 'otherdomain.com' }) + ) + + expect(signature.headers['host']).to eql('otherdomain.com') + end + end + context 'when credentials are not set' do let(:creds) do Credentials.new(access_key_id: '', secret_access_key: '')