Minio Client share download does not work on csv files.

[JarcauCristian]

I have encountered a bug in which I can't get the share link with the Minio client (mc) tool, but only for files that have as the mime type text/csv, but for all other types of files and objects it works.

The error message is: mc.exe: Unable to stat minio1/dataspace/iris.csv. Insufficient permissions to access this path https://minio1/dataspace/iris.csv.

The mc version is RELEASE.2023-09-29T16-41-22Z.

And I have checked if there is any policies that should prevent getting the share link for csv file type.
Also the configuration of Minio instance was let as by default.
The operating system version is: Linux 5.15.0-1038 Ubuntu .

And the bucket configuration is let as default.

If you could please help me.

[prakashsvmx]

could you run mc admin trace minio1 -v while trying the download ?

[JarcauCristian]

I am getting this when running the command for a csv file.

---

[REQUEST s3.GetBucketLocation] [2023-10-03T06:42:02.907] [Client IP: ip]
GET /dataspace/?location=
Proto: HTTP/1.1
Host: minio1
Accept-Encoding: gzip
Cdn-Loop: cloudflare
Cf-Ipcountry: RO
X-Forwarded-Proto: https
Cf-Connecting-Ip: 86.123.20.70
X-Amz-Date: 20231003T034208Z
Cf-Ray: 81022c432ee698ba-OTP
Cf-Visitor: {"scheme":"https"}
Cf-Warp-Tag-Id: e6ed80d9-e28e-4a64-b1a8-8ecdbab89639
Content-Length: 0
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
Authorization: AWS4-HMAC-SHA256 Credential=super/20231003/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=a406c84beda7144cb3907acc9f783341356de5c8b1441cf148165c46cdb1412f
Connection: keep-alive
User-Agent: MinIO (windows; amd64) minio-go/v7.0.61 mc.exe/DEVELOPMENT.GOGET
X-Forwarded-For: 86.123.20.70

[RESPONSE] [2023-10-03T06:42:02.910] [ Duration 2.599ms TTFB 1.992992ms ↑ 210 B ↓ 128 B ]
200 OK
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin,Accept-Encoding
X-Amz-Request-Id: 178A7BF9E6D02809
X-Content-Type-Options: nosniff
Content-Length: 128
Content-Type: application/xml
Server: MinIO
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8

[REQUEST s3.GetObject] [2023-10-03T06:42:03.001] [Client IP: ip]
GET /dataspace/client.csv
Proto: HTTP/1.1
Host: minio1
Authorization: AWS4-HMAC-SHA256 Credential=super/20231003/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=5513b904c5bacd4837f0bd7653a98d750ff4110a4364d25594b1ad67bb39beaf
Cf-Visitor: {"scheme":"https"}
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20231003T034209Z
Cdn-Loop: cloudflare
Cf-Connecting-Ip: 86.123.20.70
Cf-Ipcountry: RO
User-Agent: MinIO (windows; amd64) minio-go/v7.0.61 mc.exe/DEVELOPMENT.GOGET
Accept-Encoding: gzip
Cf-Ray: 81022c447fb198ba-OTP
X-Forwarded-Proto: https
Cf-Warp-Tag-Id: e6ed80d9-e28e-4a64-b1a8-8ecdbab89639
Connection: keep-alive
Content-Length: 0
X-Forwarded-For: 86.123.20.70

[RESPONSE] [2023-10-03T06:42:03.003] [ Duration 1.582ms TTFB 1.550051ms ↑ 210 B ↓ 437 B ]
403 Forbidden
Accept-Ranges: bytes
Content-Length: 437
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin,Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
Content-Type: application/xml
Server: MinIO
X-Amz-Request-Id: 178A7BF9EC6B1AF6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

SignatureDoesNotMatch The request signature we calculated does not match the signature you provided. Check your key and signing method. client.csv dataspace /dataspace/client.csv 178A7BF9EC6B1AF6 dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8 ---------------

And this for a file that does not end in .csv or has the mime type csv.

---

[REQUEST s3.GetBucketLocation] [2023-10-03T06:44:56.790] [Client IP: ip]
GET /dataspace/?location=
Proto: HTTP/1.1
Host: minio1
Accept-Encoding: gzip
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Forwarded-For: ip
Authorization: AWS4-HMAC-SHA256 Credential=super/20231003/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=e71f51ac7e0185d3d6e7a0069358262cf95a264cca6d3381d45ef654ac523fd7
Cf-Ray: 81023082bba827c1-OTP
Cf-Visitor: {"scheme":"https"}
Connection: keep-alive
Content-Length: 0
User-Agent: MinIO (windows; amd64) minio-go/v7.0.61 mc.exe/DEVELOPMENT.GOGET
Cdn-Loop: cloudflare
Cf-Ipcountry: RO
X-Forwarded-Proto: https
Cf-Connecting-Ip: ip
Cf-Warp-Tag-Id: e6ed80d9-e28e-4a64-b1a8-8ecdbab89639
X-Amz-Date: 20231003T034502Z

[RESPONSE] [2023-10-03T06:44:56.792] [ Duration 1.877ms TTFB 1.83758ms ↑ 210 B ↓ 128 B ]
200 OK
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 128
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 178A7C22630A24E9
X-Xss-Protection: 1; mode=block
Content-Type: application/xml
Server: MinIO
Vary: Origin,Accept-Encoding

LocationConstraint xmlns="http://s3.amazonaws.com/doc/2006-03-01/">

[REQUEST s3.HeadObject] [2023-10-03T06:44:56.867] [Client IP: ip]
HEAD /dataspace/browsers.json
Proto: HTTP/1.1
Host:
Accept-Encoding: gzip
Cf-Connecting-Ip: ip
User-Agent: MinIO (windows; amd64) minio-go/v7.0.61 mc.exe/DEVELOPMENT.GOGET
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20231003T034503Z
Cdn-Loop: cloudflare
X-Forwarded-Proto: https
Authorization: AWS4-HMAC-SHA256 Credential=super/20231003/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=3be64606982edd1a733505a5c45854738d03e90c2662ca579639b44b5fa1b137
Cf-Ipcountry: RO
Cf-Ray: 810230833beb27c1-OTP
Cf-Visitor: {"scheme":"https"}
Cf-Warp-Tag-Id: e6ed80d9-e28e-4a64-b1a8-8ecdbab89639
Connection: keep-alive
Content-Length: 0
X-Forwarded-For: ip

[RESPONSE] [2023-10-03T06:44:56.873] [ Duration 5.991ms TTFB 0s ↑ 210 B ↓ 0 B ]
200 OK
Accept-Ranges: bytes
Content-Length: 170
Content-Type: application/json
Vary: Origin,Accept-Encoding
X-Content-Type-Options: nosniff
ETag: "9db746ff45d9eb7e9ab8930216ace07c"
Last-Modified: Fri, 18 Aug 2023 09:50:26 GMT
Server: MinIO
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 178A7C22679D17C5
X-Xss-Protection: 1; mode=block

[REQUEST s3.HeadObject] [2023-10-03T06:44:56.955] [Client IP: ip]
HEAD /dataspace/browsers.json
Proto: HTTP/1.1
Host: minio1
User-Agent: MinIO (windows; amd64) minio-go/v7.0.61 mc.exe/DEVELOPMENT.GOGET
Cf-Connecting-Ip: ip
Cf-Warp-Tag-Id: e6ed80d9-e28e-4a64-b1a8-8ecdbab89639
Connection: keep-alive
Content-Length: 0
Cf-Ray: 81023083cc4e27c1-OTP
Cf-Visitor: {"scheme":"https"}
X-Amz-Date: 20231003T034503Z
Cf-Ipcountry: RO
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Forwarded-Proto: https
Accept-Encoding: gzip
Authorization: AWS4-HMAC-SHA256 Credential=super/20231003/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=3be64606982edd1a733505a5c45854738d03e90c2662ca579639b44b5fa1b137
Cdn-Loop: cloudflare
X-Forwarded-For: ip
[RESPONSE] [2023-10-03T06:44:56.958] [ Duration 2.285ms TTFB 0s ↑ 210 B ↓ 0 B ]
200 OK
Content-Length: 170
Content-Type: application/json
ETag: "9db746ff45d9eb7e9ab8930216ace07c"
Last-Modified: Fri, 18 Aug 2023 09:50:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin,Accept-Encoding
X-Amz-Request-Id: 178A7C226CE287AB
Accept-Ranges: bytes
X-Xss-Protection: 1; mode=block
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Content-Type-Options: nosniff
Server: MinIO

[prakashsvmx]

community members have earlier reported that, it is a cloudflare issue accessing csv files. please check from cloudflare end

[JarcauCristian]

Ah, ok. Thank you very much for your time.