mirror of
https://github.com/rclone/rclone.git
synced 2024-11-22 11:35:21 +08:00
bc8f0208aa
Before this change the rest package would forward all the headers on
an HTTP redirect, including the Authorization: header. This caused
problems when forwarded to a signed S3 URL ("Only one auth mechanism
allowed") as well as being a potential security risk.
After we use the go1.8+ mechanism for doing this instead of using our
own which does it correctly removing the Authorization: header when
redirecting to a different host.
This hasn't fixed the behaviour for rclone compiled with go1.7.
Fixes #2635
|
||
|---|---|---|
| .. | ||
| atexit | ||
| dircache | ||
| israce | ||
| oauthutil | ||
| pacer | ||
| readers | ||
| rest | ||