zed-industries/zed
1
1
Fork 0
mirror of https://github.com/zed-industries/zed.git synced 2025-01-05 06:17:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #281 from zed-industries/fix-release-asset-redirects

Browse Source 
Don't pass GH auth header when following redirects for release assets
This commit is contained in:
Max Brunsfeld 2021-12-07 12:49:49 -08:00 committed by GitHub
commit bd6e972d0f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
crates/server/src/github.rs
View File

@ -208,9 +208,25 @@ impl RepoClient {
"Authorization",
self.installation_token_header(false).await?,
);
let client = surf::client().with(surf::middleware::Redirect::new(5));
let client = surf::client();
let mut response = client.send(request).await?;
// Avoid using `surf::middleware::Redirect` because that type forwards
// the original request headers to the redirect URI. In this case, the
// redirect will be to S3, which forbids us from supplying an
// `Authorization` header.
if response.status().is_redirection() {
if let Some(url) = response.header("location") {
let request = surf::get(url.as_str()).header("Accept", "application/octet-stream");
response = client.send(request).await?;
}
}
if !response.status().is_success() {
Err(anyhow!("failed to fetch release asset {} {}", tag, name))?;
}
Ok(response.take_body())
}