44 "context"
55 "net/http"
66 "net/url"
7- "path/filepath "
7+ "path"
88 "strings"
99
1010 "github.com/aws/aws-sdk-go-v2/aws"
@@ -14,29 +14,30 @@ import (
1414
1515func cleanFilepath (rawPath string ) (string , error ) {
1616 p , err := url .PathUnescape (rawPath )
17- // Replace /api with /
18- p = strings .Replace (p , "/api" , "/" , 1 )
1917 if err != nil {
2018 return "" , err
2119 }
22- return filepath .Clean ("/" + p ), nil
20+ // The download route is mounted under the /api group; strip that prefix to
21+ // recover the S3 key.
22+ p = strings .TrimPrefix (p , "/api" )
23+ // S3 keys are exact, literal strings under the aws-sdk-go-v2 client: a leading
24+ // slash makes "/cumulus/..." a different key than the stored "cumulus/..." and
25+ // real S3 returns NoSuchKey (the v1 SDK and MinIO normalize it, hiding this).
26+ // path.Clean still resolves any ".." for traversal safety.
27+ return strings .TrimPrefix (path .Clean ("/" + p ), "/" ), nil
2328}
2429
25- func ServeMedia (awsCfg * aws.Config , bucket * string , endpoint string , forcePathStyle , disableSSL bool ) echo.HandlerFunc {
30+ func ServeMedia (awsCfg * aws.Config , bucket * string , forcePathStyle bool ) echo.HandlerFunc {
2631 return func (c echo.Context ) error {
2732 path , err := cleanFilepath (c .Request ().RequestURI )
2833 if err != nil {
2934 return c .String (http .StatusBadRequest , err .Error ())
3035 }
3136
37+ // Endpoint/scheme come from the environment (AWS_ENDPOINT_URL_S3) via
38+ // awsCfg; only path-style addressing still needs to be set per-client.
3239 _client := s3 .NewFromConfig (* awsCfg , func (o * s3.Options ) {
33- o .UsePathStyle = forcePathStyle // was a.WithS3ForcePathStyle(...)
34- if endpoint != "" { // was: if cfg.AWSS3Endpoint != "" { a.WithEndpoint(...) }
35- o .BaseEndpoint = aws .String (endpoint )
36- }
37- if disableSSL { // was a.WithDisableSSL(...)
38- o .EndpointOptions .DisableHTTPS = true
39- }
40+ o .UsePathStyle = forcePathStyle
4041 })
4142 output , err := _client .GetObject (context .Background (), & s3.GetObjectInput {Bucket : bucket , Key : aws .String (path )})
4243 if err != nil {
0 commit comments