You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Matt Ryan (JIRA)" <ji...@apache.org> on 2019/07/17 21:53:00 UTC
[jira] [Updated] (OAK-7998) [DirectBinaryAccess] Verify that binary
exists in cloud before creating signed download URI
[ https://issues.apache.org/jira/browse/OAK-7998?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matt Ryan updated OAK-7998:
---------------------------
Description:
The direct binary access download logic doesn't actually verify that the requested blob is available in the cloud before creating the signed download URI. It is possible that a user could request a download URI for a blob that is "in the repo" but hasn't actually been uploaded yet.
We should verify this by uploading a new blob, preventing it being uploaded to the cloud (retain in cache), and then request the download URI. We should get a null back or get some other error or exception; if we get a URI it would return an HTTP 404 if the blob is not actually uploaded yet (maybe this would also be ok).
was:
IIUC, the direct binary access download logic doesn't actually verify that the requested blob is available in the cloud before creating the signed download URI. It is possible that a user could request a download URI for a blob that is "in the repo" but hasn't actually been uploaded yet.
We should verify this by uploading a new blob, preventing it being uploaded to the cloud (retain in cache), and then request the download URI. We should get a null back or get some other error or exception; if we get a URI it would return an HTTP 404 if the blob is not actually uploaded yet (maybe this would also be ok).
> [DirectBinaryAccess] Verify that binary exists in cloud before creating signed download URI
> -------------------------------------------------------------------------------------------
>
> Key: OAK-7998
> URL: https://issues.apache.org/jira/browse/OAK-7998
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: blob-cloud, blob-cloud-azure
> Affects Versions: 1.10.0
> Reporter: Matt Ryan
> Assignee: Matt Ryan
> Priority: Major
> Fix For: 1.16.0
>
>
> The direct binary access download logic doesn't actually verify that the requested blob is available in the cloud before creating the signed download URI. It is possible that a user could request a download URI for a blob that is "in the repo" but hasn't actually been uploaded yet.
> We should verify this by uploading a new blob, preventing it being uploaded to the cloud (retain in cache), and then request the download URI. We should get a null back or get some other error or exception; if we get a URI it would return an HTTP 404 if the blob is not actually uploaded yet (maybe this would also be ok).
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)