🐛(backend) fix s3 version_id validation #1496
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loosen url version_id path validation to match s3 specification Signed-off-by: lennartzellmer <2241624+lennartzellmer@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Loosen URL
version_idPath Validation to Match S3 SpecificationPurpose
The current validation for
version_idis too strict. It assumes that a version ID consists only of lowercase characters, numbers, and hyphens. This holds true for MINIO, which uses UUIDs as version IDs. However, according to the S3 documentation, version IDs can be more opaque strings:-> More details: https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html#version-ids
This discrepancy causes issues with Hetzner's S3-compatible storage, which uses opaque strings as version IDs. These IDs can contain uppercase and lowercase letters as well as special characters.
When running tests against a Hetzner S3 bucket with versioning enabled, the current validation fails:
Here’s an example of a Hetzner
version_idthat doesn’t conform to the UUID format:{ ... "versions": [ { "etag": "\"d153d2e52bbf6f443d6eb47439079b2f\"", "is_latest": false, "last_modified": "2025-10-16T14:55:33.471000Z", "version_id": "jH7VgK5xKEY-yWGxRpcDSRw30.p0r0m" }, ... ] }Solution
Loosen the version_id validation logic to accept any opaque string up to 1,024 characters, aligning with the official S3 specification.
Why Tests Are Not Adjusted
The generation of version_id values is handled by the S3 implementation and is outside the scope of the test suite. The underlying issue is the assumption that all S3-compatible systems use UUID-like values. Since this is not a guaranteed or testable property across providers, no test adjustments are necessary.
All existing tests were executed successfully against both Hetzner S3 and MINIO after applying the fix:
External contribution
Thank you for your contribution! 🎉
Please ensure the following items are checked before submitting your pull request:
git commit --signoff(DCO compliance)git commit -S)<gitmoji>(type) title description## [Unreleased]section (if noticeable change)