Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
How to prevent SDK leaking host information to AWS?
See original GitHub issueConfirm by changing [ ] to [x] below:
- I’ve gone through Developer Guide and API reference
- I’ve checked AWS Forums and StackOverflow for answers
Describe the question
When pre-signing an S3 URL for a client to upload an image to, the SDK will generate a URL that includes an x-amz-user-agent part that leaks information about our host system to the user and AWS:
&x-amz-user-agent=aws-sdk-js%2F3.13.0%20os%2Flinux%2F4.14.181-140.257.amzn2.x86_64%20lang%2Fjs%20md%2Fnodejs%2F14.16.1%20api%2Fs3%2F3.13.0%20exec-env%2FAWS_ECS_EC2
We would like this information to not be included in the URL. It is unclear to me what the SDK tries to achieve by including it in the first place.
Issue Analytics
- State:
- Created 2 years ago
- Comments:7 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Hi @oliversalzburg
Thank you a lot for reporting this. You are right that SDK should not expose any information about the user who generates the URL. It will be removed in next release. I will keep you posted on this thread.
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.