Bug: GenerateSignedURL produces malformed URL when source has query string #2
Посилання в новій задачі
Заблокувати користувача
Видалити гілку "%!s()"
Видалення гілки є незворотним. Хоча видалена гілка може продовжувати існувати ще деякий час до того, як її буде видалено остаточно, у більшості випадків це НЕМОЖЛИВО скасувати. Продовжити?
Bug
In
internal/imgcache/signature.go,GenerateSignedURL()embeds the query string mid-path:This produces URLs like
/v1/image/cdn.example.com/photo.jpg?foo=bar/800x600.webpwhere?foo=bar/800x600.webpbecomes the query string, not the path. The size/format segment after the?is parsed as a query parameter, not as a path segment.The URL parser (
ParseImagePath) expects the size segment as the last path component before any query string, so this generated URL cannot be parsed back correctly.Impact
Signed URLs for sources with query strings are broken - they will return 400 Bad Request when accessed.
Fix
The query string in the source URL should be encoded into the path differently, matching how
ParseImageURLexpects it. Looking at the URL parser, it expects the formathost/path?query/size.formatwhere the?queryis embedded in a path segment. But this conflicts with how HTTP URLs work. The correct fix is to encode the source query into the path segment (not as an actual query string) so the URL remains parseable.