Krakend modifying AWS S3 Signatures with %

[qtpi-bonding]

I believe my Krakend is working correctly however I am wondering what to do about this. So I have SeaweedFS behind my Krakend (Its similar to AWS S3 in terms of API). I have pre-signed URLs with % and weird special characters in it. I think Krakend is not parsing them exactly even when I do "no-op".

When I do the echo endpoint for debugging

Krakend turns %3D into "=".

It seems like this is intended and is it similar to this question? Shouldn't "no-op" pass everything fine?

#915

I am not sure what the solution would be if it is intended behavior. If it is intended, can you please suggest options on how to proceed?

Environment info:

• KrakenD version: Run krakend help | grep Version and copy the output here
• System info: Run uname -srm or write docker when using containers
• Hardware specs: Number of CPUs, RAM, etc
• Backend technology: Node, PHP, Java, Go, etc.
• Additional environment information:

Describe what are you trying to do:
A clear and concise description of what you want to do and what is the expected result.

Your configuration file:

"endpoints": [
    {
      "endpoint": "/debug/seaweedfs/{segment1}/{segment2}/{segment3}",
      "method": "GET",
      "input_headers": [
              "*"
      ],
      "input_query_strings": [
              "*"
      ],
      "output_encoding": "no-op",
      "backend": [
        {
          "host": [
            "https://DOMAIN"
          ],
          "url_pattern": "/__echo/{segment1}/{segment2}/{segment3}",
          "method": "GET",
          "encoding": "no-op",
          "extra_config": {
            "modifier/martian": {}
          }
        }
      ]
    },

Configuration check output:
Result of krakend check -dtc krakend.json --lint command

	- GET /debug/seaweedfs/:segment1/:segment2/:segment3
	Timeout: 10s
	QueryString: [*]
	Connecting to 1 backend(s):
		[+] GET /__echo/{{.Segment1}}/{{.Segment2}}/{{.Segment3}}
		Timeout: 10s
		Hosts: [https://DOMAIN]
		1 backend component configuration(s):
		- modifier/martian

Commands used:
How did you start the software?

Docker compose

curl -L "https://DOMAIN/debug/seaweedfs/seaweedfs/default-bucket/image_1.png_1740905799.456462?AWSAccessKeyId=xba2uC4L2C601lmeVVzTflWb&Signature=7zQvQLejq2nkLnETUR9LcHMEBy8%3D&Expires=1743497800"

Logs:

    "req_uri": "/__echo/seaweedfs/default-bucket/image_1.png_1740905799.456462?AWSAccessKeyId=xba2uC4L2C601lmeVVzTflWb\u0026Expires=1743497800\u0026Signature=7zQvQLejq2nkLnETUR9LcHMEBy8%3D",
    "req_uri_details": {
        "fragment": "",
        "host": "DOMAIN",
        "path": "/__echo/seaweedfs/default-bucket/image_1.png_1740905799.456462",
        "query": "AWSAccessKeyId=xba2uC4L2C601lmeVVzTflWb\u0026Expires=1743497800\u0026Signature=7zQvQLejq2nkLnETUR9LcHMEBy8%3D",
        "user": ""
    },
    "req_method": "GET",
    "req_querystring": {
        "AWSAccessKeyId": [
            "xba2uC4L2C601lmeVVzTflWb"
        ],
        "Expires": [
            "1743497800"
        ],
        "Signature": [
            "7zQvQLejq2nkLnETUR9LcHMEBy8="
        ]
    },
    "req_body": "",
    "req_headers": {
        "Accept": [
            "*/*"
        ],
        "Accept-Encoding": [
            "gzip"
        ],
        "User-Agent": [
            "curl/8.7.1"
        ],
        "X-Forwarded-For": [
            "XXXXXX"
        ],
        "X-Forwarded-Host": [
            "DOMAIN"
        ],
        "X-Forwarded-Via": [
            "KrakenD Version 2.7.2"
        ]
    }
}

Additional comments:

[ALX99]

Hi @qtpi-bonding

Just want to share, the only way we managed to fix it was what I mentioned in #915 (Which essentially requires forking KrakenD).
Then another workaround has to be applied to fix the following Gin bug gin-gonic/gin#4033, also described in the bug ticket.

If you find an easier workaround, it would be great if you could share!

[qtpi-bonding]

Ok, thank you very much. I appreciate your help.