Issue description
The x-oss-additional-headers field in the signed URL is left empty.
Causes
A signed URL is used to send a request, but the x-oss-additional-headers field in the URL parameter is left empty.
Examples
You initiated a request to include the signature in the URL parameter, but the x-oss-additional-headers field is left empty.
GET /test.txt?x-oss-signature-version=OSS2&x-oss-additional-headers=&x-oss-access-key-id=44CF9***&x-oss-expires=1475462111&x-oss-signature=abc*** HTTP/1.0
Date: Tue, 20 Dec 2022 08:48:18 GMT
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Range: bytes=100-900Solutions
The
x-oss-additional-headersfield is optional. You can delete this field if you do not want to add additional request headers to calculate the signature.If you want to add additional request headers to calculate the signature, add the
x-oss-additional-headersfield in the URL parameter and make sure that a valid value is specified for this field. The following section describes how to construct the x-oss-additional-headers field:All headers in the x-oss-additional-headers field must be lowercase letters.
All headers in the x-oss-additional-headers field are sorted in ascending alphabetical order.
The elements in an array are separated by semicolons (;) to obtain a string.
For example, you must add the Host and Range headers to calculate the signature in the preceding example. In this case, you must set the
x-oss-additional-headersfield tohost;range.
We recommend that you use Alibaba Cloud SDKs to initiate requests. Alibaba Cloud SDKs automatically generate signatures for the requests without the need to manually calculate a signature. For more information, see Overview.