starred/fake-gcs-server
1
0
Fork 0
mirror of https://github.com/fsouza/fake-gcs-server.git synced 2026-04-25 21:55:56 +03:00
Code Issues 117 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #270] Internal Error when trying to upload with signed URLs #2204

New issue
Closed
opened 2026-03-15 18:00:57 +03:00 by kerem · 4 comments
kerem commented 2026-03-15 18:00:57 +03:00
Owner
Copy link

Originally created by @ex-nerd on GitHub (Jun 13, 2020).
Original GitHub issue: https://github.com/fsouza/fake-gcs-server/issues/270

Extracted from my (now-removed) comment on #217 since it seems to be related, but not identical to that problem.

I'm trying to mimic signed upload URLs. I know my code (with a URL generated by GCS/KMS) works against actual GCS but attempts to generate a URL that will work with fake-gcs-server results in Internal Error.

My replication code looks something like this:

import requests

session = requests.Session()
session.verify = False

resp = session.post(
    "https://my-public-uri.local:4443/my-bucket/my-test-key-to-create?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=fake-gcs&X-Goog-Expires=3600&X-Goog-SignedHeaders=host&X-Goog-Signature=fake-gcs'
    files={
        "file": (
            "my-test-key",
            f"this is an upload test",
            "text/plain",
        )
    },
)
print(resp.status_code)

This results in a response with an error message claiming invalid character '-' in numeric literal\n

I've tracked this down to a problem in loadMetadata expecting some form of JSON data but my actual body looks like this:

--ea7516aedd980cfb6672d9ed6301a60b\r\nContent-Disposition: form-data; name="file"; filename="my-test-key"\r\nContent-Type: text/plain\r\n\r\nthis is an upload test\r\n--ea7516aedd980cfb6672d9ed6301a60b--\r\n

If I add &uploadType=multipart to my URL to force this into a multipart upload, the error changes to invalid character 'h' in literal true (expecting 'r')\n from the if err != io.EOF check in multipartUpload().

P.S. It'd be really handy if there was a way to do a stack trace for those errors ... I was lazy and added a bunch of prefix text to the error messages to figure out which was which, but it was a bit tedious.

Originally created by @ex-nerd on GitHub (Jun 13, 2020). Original GitHub issue: https://github.com/fsouza/fake-gcs-server/issues/270 Extracted from my (now-removed) comment on #217 since it seems to be related, but not identical to that problem. I'm trying to mimic signed upload URLs. I know my code (with a URL generated by GCS/KMS) works against actual GCS but attempts to generate a URL that will work with fake-gcs-server results in `Internal Error`. My replication code looks something like this: ```python import requests session = requests.Session() session.verify = False resp = session.post( "https://my-public-uri.local:4443/my-bucket/my-test-key-to-create?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=fake-gcs&X-Goog-Expires=3600&X-Goog-SignedHeaders=host&X-Goog-Signature=fake-gcs' files={ "file": ( "my-test-key", f"this is an upload test", "text/plain", ) }, ) print(resp.status_code) ``` This results in a response with an error message claiming `invalid character '-' in numeric literal\n` I've tracked this down to a problem in `loadMetadata` expecting some form of JSON data but my actual body looks like this: ``` --ea7516aedd980cfb6672d9ed6301a60b\r\nContent-Disposition: form-data; name="file"; filename="my-test-key"\r\nContent-Type: text/plain\r\n\r\nthis is an upload test\r\n--ea7516aedd980cfb6672d9ed6301a60b--\r\n ``` If I add `&uploadType=multipart` to my URL to force this into a multipart upload, the error changes to `invalid character 'h' in literal true (expecting 'r')\n` from the `if err != io.EOF` check in `multipartUpload()`. P.S. It'd be really handy if there was a way to do a stack trace for those errors ... I was lazy and added a bunch of prefix text to the error messages to figure out which was which, but it was a bit tedious.
kerem 2026-03-15 18:00:57 +03:00
kerem commented 2026-03-15 18:01:13 +03:00
Author
Owner
Copy link

@ex-nerd commented on GitHub (Jun 13, 2020):

One other minor point. GCS returns a 204 for signed POST requests, not a 200

<!-- gh-comment-id:643558415 --> @ex-nerd commented on GitHub (Jun 13, 2020): One other minor point. GCS returns a `204` for signed POST requests, not a `200`
kerem commented 2026-03-15 18:01:18 +03:00
Author
Owner
Copy link

@ex-nerd commented on GitHub (Jun 17, 2020):

Additionally, the upload seems to be pulling the key from the name query string property (similarly to media) or from the file metadata, rather than from the URL path itself.

A standard signed URL request looks like this:

https://storage.googleapis.com/my-bucket-name/test-file-for-signed-urls?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=<MY-CREDENTIALS>&X-Goog-Date=20200617T035632Z&X-Goog-Expires=3600&X-Goog-SignedHeaders=host&X-Goog-Signature=<LONG-SIGNATURE-HERE>

I assume the key name is embedded in the signature (at least for verification purposes), but the bucket and key name are also right there on the URL. It would make much more sense for fake-gcs-server to honor the key name on the URL path rather than require a separate nonstandard property that GCS seems happy to ignore.

Note: I discovered this issue when using uploadType=media as a workaround for this bug, so that may also need similar behavior (I don't know how that particular uploadType works in actual GCS).

<!-- gh-comment-id:645134137 --> @ex-nerd commented on GitHub (Jun 17, 2020): Additionally, the upload seems to be pulling the `key` from the `name` query string property (similarly to `media`) or from the file metadata, rather than from the URL path itself. A standard signed URL request looks like this: ``` https://storage.googleapis.com/my-bucket-name/test-file-for-signed-urls?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=<MY-CREDENTIALS>&X-Goog-Date=20200617T035632Z&X-Goog-Expires=3600&X-Goog-SignedHeaders=host&X-Goog-Signature=<LONG-SIGNATURE-HERE> ``` I assume the key name is embedded in the signature (at least for verification purposes), but the bucket and key name are also right there on the URL. It would make much more sense for fake-gcs-server to honor the key name on the URL path rather than require a separate nonstandard property that GCS seems happy to ignore. _Note: I discovered this issue when using `uploadType=media` as a workaround for this bug, so that may also need similar behavior (I don't know how that particular `uploadType` works in actual GCS)._
kerem commented 2026-03-15 18:01:24 +03:00
Author
Owner
Copy link

@Sytten commented on GitHub (Jun 28, 2021):

Same error here, is there a work around except the media?
The JSON body is really not standard, the form is the usual way of sending the parameters.

<!-- gh-comment-id:869920556 --> @Sytten commented on GitHub (Jun 28, 2021): Same error here, is there a work around except the media? The JSON body is really not standard, the form is the usual way of sending the parameters.
kerem commented 2026-03-15 18:01:29 +03:00
Author
Owner
Copy link

@Sytten commented on GitHub (Jun 29, 2021):

Ok I understand it is because we use the form upload which is in the XML API: https://cloud.google.com/storage/docs/xml-api/post-object-forms#html

<!-- gh-comment-id:870149074 --> @Sytten commented on GitHub (Jun 29, 2021): Ok I understand it is because we use the form upload which is in the XML API: https://cloud.google.com/storage/docs/xml-api/post-object-forms#html
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/npm_and_yarn/examples/node/fast-xml-parser-5.7.1
dependabot/github_actions/goreleaser/goreleaser-action-7.1.0
dependabot/github_actions/actions/cache-5.0.5
v1.54.0
v1.53.1
v1.53.0
v1.52.3
v1.52.2
v1.52.1
v1.52.0
v1.51.0
v1.50.2
v1.50.1
v1.50.0
v1.49.3
v1.49.2
v1.49.1
v1.49.0
v1.48.0
v1.47.8
v1.47.7
v1.47.6
v1.47.5
v1.47.4
v1.47.3
v1.47.2
v1.47.1
v1.47.0
v1.46.0
v1.45.2
v1.45.1
v1.45.0
v1.44.2
v1.44.1
v1.44.0
v1.43.0
v1.42.2
v1.42.1
v1.42.0
v1.41.0
v1.40.3
v1.40.2
v1.40.1
v1.40.0
v1.39.0
v1.38.4
v1.38.3
v1.38.2
v1.38.1
v1.38.0
v1.37.12
v1.37.11
v1.37.10
v1.37.9
v1.37.8
v1.37.3
v1.37.2
v1.37.1
v1.37.0
v1.36.3
v1.36.2
v1.36.1
v1.36.0
v1.35.0
v1.34.1
v1.34.0
v1.33.1
v1.33.0
v1.32.2
v1.32.1
v1.32.0
v1.31.1
v1.31.0
v1.30.2
v1.30.1
v1.30.0
1.29.2
v1.29.1
v1.29.0
v1.28.0
v1.27.0
v1.26.0
v1.25.2
v1.25.1
v1.25.0
v1.24.0
v1.23.1
v1.23.0
v1.22.7
v1.22.6
v1.22.5
v1.22.4
v1.22.3
v1.22.2
v1.22.1
v1.22.0
v1.21.2
v1.21.1
v1.21.0
v1.20.0
v1.19.5
v1.19.4
v1.19.3
v1.19.2
v1.19.1
v1.19.0
v1.18.4
v1.18.3
v1.18.2
v1.18.1
v1.18.0
v1.17.1
v1.17.0
v1.16.3
v1.16.2
v1.16.1
v1.16.0
v1.15.0
v1.14.1
v1.14.0
v1.13.1
v1.13.0
v1.12.1
v1.12.0
v1.11.6
v1.11.5
v1.11.4
v1.11.3
v1.11.2
v1.11.1
v1.11.0
v1.10.1
v1.10.0
v1.9.0
v1.8.0
v1.7.1
v1.7.0
v1.6.2
v1.6.1
v1.6.0
v1.5.1
v1.5.0
v1.4.2
v1.4.1
v1.4.0
v1.3.1
v1.3.0
v1.2.0
v1.1.0
v1.0.0
Labels
Clear labels   
bug

   
compatibility-issue

   
docker

   
documentation

   
enhancement

   
help wanted

   
needs information

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
unfortunate

   
wontfix
No labels
bug
compatibility-issue
docker
documentation
enhancement
help wanted
needs information
pull-request
question
stale
unfortunate
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/fake-gcs-server#2204
No description provided.