blob/azureblob: validate URL endpoint overrides#3737
Conversation
|
Can you explain why you think this change is needed? |
|
Thanks for taking a look. The reason for this change is that the registered Today, if an application accepts or composes an This PR keeps custom endpoints available through trusted I rechecked the patch locally:
If you prefer a narrower compatibility-preserving approach, I can adjust the patch so the restriction only applies when the default registered opener is using environment/default credentials. |
vangent
left a comment
There was a problem hiding this comment.
I'm not sure I'm convinced this belongs here.
If applications are accepting arbitrary config URLs and passing them to this library, they can/should do some verification of them before that. I would expect most applications to have control over both the configuration and the environment.
| return &retval, nil | ||
| } | ||
|
|
||
| func allowedURLStorageDomain(domain string) bool { |
There was a problem hiding this comment.
In particular, I don't like hardcoding the list of valid domains; this seems fragile and doesn't belong here.
This change restricts endpoint overrides supplied through
azblob://bucket URLs.domainURL overrides are now limited to known Azure Blob service domains, andprotocol=httpis rejected in bucket URLs. Custom endpoints and local emulators remain configurable through trustedServiceURLOptionsor environment configuration instead of URL query parameters.The patch also updates the Azure Blob URL example and regenerated website example data.
Tests:
go test ./blob/azureblob -count=1go test ./blob/... -count=1(cd internal/website/gatherexamples && go test -count=1)internal/website/gatherexamples/run.sh | diff -u internal/website/data/examples.json -