Return parseable error on S3 requests (#1120)

Return S3 compatible error when an S3 API request is made to the console port. Before: ``` λ mc ls local9090 mc: <ERROR> Unable to list folder. XML syntax error on line 1: invalid character entity &display (no semicolon) ``` After: ``` λ mc ls local9090 mc: <ERROR> Unable to list folder. S3 API Request made to Console port. S3 Requests should be sent to MinIO API port. ```
2021-10-20 02:18:16 -07:00
parent 1d69024e3a
commit 854468a713
1 changed files with 22 additions and 1 deletions
--- a/restapi/configure_console.go
+++ b/restapi/configure_console.go
@@ -186,7 +186,28 @@ func setupGlobalMiddleware(handler http.Handler) http.Handler {
 		IsDevelopment:                   false,
 	}
 	secureMiddleware := secure.New(secureOptions)
-	return secureMiddleware.Handler(next)
+	return RejectS3Middleware(secureMiddleware.Handler(next))
+}
+
+// RejectS3Middleware will reject requests that have AWS S3 specific headers.
+func RejectS3Middleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if len(r.Header.Get("X-Amz-Content-Sha256")) > 0 ||
+			len(r.Header.Get("X-Amz-Date")) > 0 ||
+			strings.HasPrefix(r.Header.Get("Authorization"), "AWS4-HMAC-SHA256") ||
+			r.URL.Query().Get("AWSAccessKeyId") != "" {
+			w.WriteHeader(http.StatusForbidden)
+			w.Write([]byte(`<?xml version="1.0" encoding="UTF-8"?>
+<Error>
+  <Code>AccessDenied</Code>
+  <Message>S3 API Request made to Console port. S3 Requests should be sent to API port.</Message>
+  <RequestId>0</RequestId>
+</Error>
+`))
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
 }

 func AuthenticationMiddleware(next http.Handler) http.Handler {