awscurl generates an incorrect request signature when user-supplied hostname includes capital letters.
bfrobin446 opened this issue · comments
The command awscurl --service sts -X POST -d 'Action=GetCallerIdentity&Version=2011-06-15' -H 'Content-Type: application/x-www-form-urlencoded' https://sts.us-east-1.amazonaws.com
successfully calls the GetCallerIdentity operation and returns a response.
If I change the URL by capitalizing some of the letters in the hostname, awscurl --service sts -X POST -d 'Action=GetCallerIdentity&Version=2011-06-15' -H 'Content-Type: application/x-www-form-urlencoded' https://STS.us-east-1.amazonaws.com
, I get a SignatureDoesNotMatch
error.
The code apparently assumes that the header values are already in their canonical form at the point where a comment describes how to canonicalize them (
Line 198 in b2ebe71