-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failure to download GitHub release asset after #69
Comments
The redirect URL seems to point to AWS S3 which seems sensitive to some URL encoding issues. I have to study this a bit more, but I have seen this before in other contexts. Either encoding is too eager or too loose, there is not one solution. Here is my initial workspace:
The last two expressions show the difference between the Location URL in unparsed/parsed form. |
ZnUrl's encoding strategy is currently based on https://datatracker.ietf.org/doc/html/rfc3986/#appendix-A Specifically, the query part allows unencoded Zn parses the URL (correctly even if it encodes more than needed), then renders it again (without the encoding), hence it is different. The AWS S3 signature in the query part most probably depends on the URL being literally identical. I have to read a bit more to figure out what can be done. |
We have a similar issue with the Moose images. They also are downloaded from a GitHub release. The issue can be reproduced by trying to download a Moose image in the Pharo launcher:
This snippet reproduces it: url := 'https://github.com/moosetechnology/Moose/releases/download/continuous/Moose9-development.zip'.
ZnClient new
signalProgress: true;
url: url;
enforceHttpSuccess: true;
downloadTo: '/tmp/moose-test' |
With the following commit (update Zinc HTTP Components from this repository), you can specify a different encoding strategy for the query part of URLs, which makes the initial example pass
or the equivalent with the downloadTo: |
The Moose download passes as follows:
|
It is also possible to modify the localOptions of a specific client instance:
|
Thank you very much. The workaround works. |
Thanks for the feedback. BTW, here is another way to customise the local options of a client, as a single expression:
|
Hi @svenvc, I can confirm it also works for Moose download: url := 'https://github.com/moosetechnology/Moose/releases/download/continuous/Moose9-development.zip'.
ZnClient new
signalProgress: true;
url: url;
enforceHttpSuccess: true;
withOptions: [ :options |
options at: #queryKeyValueSafeSet put: (ZnOptions queryKeyValueSafeSet \ '/;') ];
downloadTo: '/tmp/moose-test'. If I understand well, '/;' characters should not be encoded with a percent. Is it a recent change of github? Zinc worked like a charm before. How did you debug this issue? It is interesting if we have a similar problem in the future. Thanks for the quick fix. |
Thank you @demarey for testing and for the feedback. How I found the problem ? The final redirect failed, everything looked reasonable, but the URL was very complicated and I spotted a difference between the URL in the location header field and the one actually being followed. Zinc always parses and re-renders URLs. I know that this is a sensitive area. Percent encoding can be done on a scale: very safely, encoding everything except for a small set of safe characters, which most URL parsers will accept (Zinc does), or encoding as little as possible, following the specs to the max. Now, in this case (I guess something changed on their end), the final URL looks like an AWS S3 access with an embedded signature (AWS v4 signature). That code is very picky about encoding, formatting, ordering, etc - because it signs a very specific input. Somehow the validation code has certain expectations about the general encoding of the resulting URL. We are forced to follow (at least for now). But that is not (yet) strong enough an argument to change the default (which also came about from some trial and error, I remember I once had it on encode everything and that gave issues too). All this has now been recorded and we will see how it goes. |
I am having issues on downloading a GitHub release asset with zinc in Pharo 9. I suspect this might be related to an encoding issue that might be invalidating a security token that is required for downloading the artifact after the redirect. The issue can be replicated with the following snippet on a playground:
The text was updated successfully, but these errors were encountered: