16809: Fix empty Host header value used in signature check.

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@tomclegg.ca>

diff --git a/services/keep-web/s3.go b/services/keep-web/s3.go
index 15f35f36084c6d6b7dae8bf89f99fa8c7c020773..f3edf9894e243c1e99dc2cfd1c669a250e342843 100644 (file)
--- a/services/keep-web/s3.go
+++ b/services/keep-web/s3.go
@@ -90,7 +90,7 @@ func s3stringToSign(alg, scope, signedHeaders string, r *http.Request) (string,
        var canonicalHeaders string
        for _, h := range strings.Split(signedHeaders, ";") {
                if h == "host" {
-                       canonicalHeaders += h + ":" + r.URL.Host + "\n"
+                       canonicalHeaders += h + ":" + r.Host + "\n"
                } else {
                        canonicalHeaders += h + ":" + r.Header.Get(h) + "\n"
                }