Forward metadata param on signed uploads in Util.buildUploadParams#387
Open
sebastienmartin-bm wants to merge 1 commit into
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🔍 Brief Summary of Changes
Hello there @const-cloudinary, it seems you are the person in charge taking care of the repository 💪
Here is a little PR that hopefully solves and explain an issue we encountered lately with @vschoener
When an upload request carries a server-computed
signature,Util.buildUploadParamstakes a "pre-signed" branch that forwards only a fixed allow-list of write params.🐛 Our issue:
metadatais not on the "allow-list" list, so it is silently dropped and never sent to Cloudinary that re-compute the signature against our backend:Root cause
In
cloudinary-core/.../com/cloudinary/Util.java,buildUploadParamsonly copiesmetadataviaprocessWriteParameters, which is only called if there are no signatures.The
else(signature-present) branch forwardseager, transformation, headers, tags, face_coordinates, context, ocr, raw_convert, categorization, detection, similarity_search, auto_tagging, access_control- but notmetadata.Fix
Add
metadatato the pre-signed pass-through branch, mirroring howcontextis already handled there (the value is already serialized, so it's passed through as-is).📑 Note on SDK parity w/ 🍎
The iOS SDK does not filter params on the signed path (CLDNetworkCoordinator.getSignedRequestParams forwards the full param set), so a presigned upload including
metadataalready works on iOS.This change brings the Java/Android SDK in line (at least for the metadata).
ℹ️ With this changes we were able to fix our upload issue by making
cloudinary-android-corea local patched module ofcloudinary-core.Many thanks for your time reviewing the PR 🙏
What does this PR address?
Are tests included?
✅ Checklist: