[SOLVED] Cannot download a file (or a folder) if its path contains parentheses (Cells v2)

giesmininkas · November 21, 2019, 9:48am

I get Http 403 with response "<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><Resource>/io/personal-files/aa(.zip</Resource></Error>"

I’m running on docker, pydio/cells:2.0.1 image.

bsinou · November 22, 2019, 8:40am

Hello @giesmininkas,

I have just tested, various download on our demo (a 2.0.1 that runs on docker with docker-compose):

file with “()” in name
file with “()” in parent folder name
folder with “()” in name
folder with “()” in parent folder name

And everything went fine, as it should, no problem.

Can you please provide some more info so that we can reproduce? thanks.

giesmininkas · November 22, 2019, 10:46am

OS: Debian buster stable
Reverse Proxy: Apache2

Pydio Cells is configured this way:

version: '3.6'
services:
  pydio:
    container_name: pydio
    image: pydio/cells:latest
    environment:
      - CELLS_BIND=0.0.0.0:80
      - CELLS_NO_TLS=1
      - CELLS_EXTERNAL=https://*****
    volumes:
      - /opt/pydio/config:/var/cells
      - /mnt/virtual/pydio/data:/var/cells/data
    ports:
      - "9380:80"
    restart: always

where /mnt/virtual is a /mnt/disk1:/mnt/disk2 /mnt/virtual fuse.mergerfs default,allow_other,use_ino 0 0

Apache config:

<VirtualHost *:80>
        ServerName ***
        ServerAdmin ****
        Redirect permanent / https://****/
</VirtualHost>

<VirtualHost *:443>
        ServerAdmin ****
        ServerName ***

        SSLEngine On
        SSLCertificateFile ****
        SSLCertificateKeyFile ****

        ProxyPreserveHost On

        RewriteEngine On
        RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
        RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
        RewriteRule .* ws://127.0.0.1:9380%{REQUEST_URI} [P,QSA,L]

        <Location />
                Require all granted
                ProxyPass http://127.0.0.1:9380/
                ProxyPassReverse http://127.0.0.1:9380/
                ProxyPassReverseCookieDomain 127.0.0.1 ****
        </Location>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

If i try to download, let’s say, a file in Common Files/aaa()/aaa.txt, front sends request https://*****/io/common-files/aaa%28%29/aaa.txt?AWSAccessKeyId=gateway&Expires=1574419545&Signature=***&response-content-disposition=attachment%3B%20filename%3Daaa.txt&pydio_jwt=****

In response I get:

<Error>
    <Code>SignatureDoesNotMatch</Code>
    <Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
    <Resource>/io/common-files/aaa()/aaa.txt</Resource> 
    <RequestId>****</RequestId>
    <HostId>***</HostId>
</Error>

and http code 403.

If i rename folder aaa() to just aaa, the problem disappears for the folder itself and every item in it.
Docker logs output does not contain anything related to the issue, as far as i can see.

I could provide more information, if you’d tell me what you need.

giesmininkas · November 26, 2019, 7:41pm

Solved. I was missing “nocanon” in ProxyPass.

bsinou · November 27, 2019, 10:17am

Hey, @giesmininkas thanks, for having given your solution and marked this as solved.
Happy file sharing