Key 拼接 url 用 camSafeUrlEncode

tencentyun · Dec 7, 2018 · cf7ca67 · cf7ca67
1 parent e527581
commit cf7ca67
Show file tree

Hide file tree

Showing 5 changed files with 87 additions and 53 deletions.
diff --git a/demo/demo.js b/demo/demo.js
@@ -17,6 +17,15 @@ var util = {
     }
 };
 
+function camSafeUrlEncode(str) {
+    return encodeURIComponent(str)
+        .replace(/!/g, '%21')
+        .replace(/'/g, '%27')
+        .replace(/\(/g, '%28')
+        .replace(/\)/g, '%29')
+        .replace(/\*/g, '%2A');
+}
+
 var cos = new COS({
     getAuthorization: function (options,callback) {
 
@@ -164,7 +173,7 @@ function getAuth() {
             AuthData = {Authorization: AuthData.Authorization};
         }
         var url = 'http://' + config.Bucket + '.cos.' + config.Region + '.myqcloud.com' + '/' +
-            encodeURIComponent(key).replace(/%2F/g, '/') +
+            camSafeUrlEncode(key).replace(/%2F/g, '/') +
             '?' + AuthData +
             (AuthData.XCosSecurityToken ? '&' + AuthData.XCosSecurityToken : '');
         logger.log(url);
@@ -578,7 +587,7 @@ function putObjectCopy() {
         Bucket: config.Bucket, // Bucket 格式：test-1250000000
         Region: config.Region,
         Key: '1mb.copy.zip',
-        CopySource: config.Bucket + '.cos.' + config.Region + '.myqcloud.com/' + encodeURIComponent('1mb.zip').replace(/%2F/g, '/'), // Bucket 格式：test-1250000000
+        CopySource: config.Bucket + '.cos.' + config.Region + '.myqcloud.com/' + camSafeUrlEncode('1mb.zip').replace(/%2F/g, '/'), // Bucket 格式：test-1250000000
     }, function (err, data) {
         logger.log(err || data);
     });
@@ -819,7 +828,7 @@ function sliceCopyFile() {
     var sourceName = '3mb.zip';
     var Key = '3mb.copy.zip';
 
-    var sourcePath = config.Bucket + '.cos.' + config.Region + '.myqcloud.com/'+ encodeURIComponent(sourceName).replace(/%2F/g, '/');
+    var sourcePath = config.Bucket + '.cos.' + config.Region + '.myqcloud.com/'+ camSafeUrlEncode(sourceName).replace(/%2F/g, '/');
 
     cos.sliceCopyFile({
         Bucket: config.Bucket, // Bucket 格式：test-1250000000

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "cos-js-sdk-v5",
-  "version": "0.5.0",
+  "version": "0.5.1",
   "description": "cos js sdk v5",
   "main": "index.js",
   "scripts": {

diff --git a/src/base.js b/src/base.js
@@ -1925,7 +1925,7 @@ function getUrl(params) {
     }
     url += '/';
     if (object) {
-        url += encodeURIComponent(object).replace(/%2F/g, '/');
+        url += util.camSafeUrlEncode(object).replace(/%2F/g, '/');
     }
 
     if (params.isLocation) {

diff --git a/src/util.js b/src/util.js
@@ -470,6 +470,7 @@ var util = {
     filter: filter,
     clone: clone,
     uuid: uuid,
+    camSafeUrlEncode: camSafeUrlEncode,
     throttleOnProgress: throttleOnProgress,
     getFileSize: getFileSize,
     isBrowser: true,

diff --git a/test/test.js b/test/test.js
@@ -27,26 +27,35 @@ var util = {
     }
 };
 
+function camSafeUrlEncode(str) {
+    return encodeURIComponent(str)
+        .replace(/!/g, '%21')
+        .replace(/'/g, '%27')
+        .replace(/\(/g, '%28')
+        .replace(/\)/g, '%29')
+        .replace(/\*/g, '%2A');
+}
+
 var getAuthorization = function (options, callback) {
 
 
-    // // 方法一、后端通过获取临时密钥给到前端，前端计算签名
-    // var url = '../server/sts.php';
-    // var xhr = new XMLHttpRequest();
-    // xhr.open('GET', url, true);
-    // xhr.onload = function (e) {
-    //     try {
-    //         var data = JSON.parse(e.target.responseText);
-    //     } catch (e) {
-    //     }
-    //     callback({
-    //         TmpSecretId: data.credentials && data.credentials.tmpSecretId,
-    //         TmpSecretKey: data.credentials && data.credentials.tmpSecretKey,
-    //         XCosSecurityToken: data.credentials && data.credentials.sessionToken,
-    //         ExpiredTime: data.expiredTime,
-    //     });
-    // };
-    // xhr.send();
+    // 方法一、后端通过获取临时密钥给到前端，前端计算签名
+    var url = '../server/sts.php';
+    var xhr = new XMLHttpRequest();
+    xhr.open('GET', url, true);
+    xhr.onload = function (e) {
+        try {
+            var data = JSON.parse(e.target.responseText);
+        } catch (e) {
+        }
+        callback({
+            TmpSecretId: data.credentials && data.credentials.tmpSecretId,
+            TmpSecretKey: data.credentials && data.credentials.tmpSecretKey,
+            XCosSecurityToken: data.credentials && data.credentials.sessionToken,
+            ExpiredTime: data.expiredTime,
+        });
+    };
+    xhr.send();
 
 
     // // 方法二、后端通过获取临时密钥给到前端，前端计算签名
@@ -235,37 +244,52 @@ group('mock readAsBinaryString', function () {
     });
 });
 
-// group('getAuth()', function () {
-//     test('getAuth()', function (done, assert) {
-//         var content = Date.now().toString();
-//         var key = '1.txt';
-//         cos.putObject({
-//             Bucket: config.Bucket,
-//             Region: config.Region,
-//             Key: key,
-//             Body: content,
-//         }, function (err, data) {
-//             var AuthData = cos.getAuth({
-//                 Method: 'get',
-//                 Key: key
-//             });
-//             if (typeof AuthData === 'string') {
-//                 AuthData = {Authorization: AuthData};
-//             }
-//             var link = 'http://' + config.Bucket + '.cos.' + config.Region + '.myqcloud.com' + '/' +
-//                 encodeURIComponent(key).replace(/%2F/g, '/') + '?' + AuthData.Authorization +
-//                 (AuthData.XCosSecurityToken ? '&x-cos-security-token=' + AuthData.XCosSecurityToken : '');
-//             request({
-//                 url: link,
-//                 proxy: proxy,
-//             }, function (err, response, body) {
-//                 assert.ok(response.statusCode === 200);
-//                 assert.ok(body === content);
-//                 done();
-//             });
-//         });
-//     });
-// });
+group('getAuth()', function () {
+    test('getAuth()', function (done, assert) {
+        var content = Date.now().toString();
+        var key = '1.txt';
+        cos.putObject({
+            Bucket: config.Bucket,
+            Region: config.Region,
+            Key: key,
+            Body: content,
+        }, function (err, data) {
+            cos.options.getAuthorization({
+                Method: 'get',
+                Key: key,
+                Scope: [{
+                    action: 'GetObject',
+                    bucket: config.Bucket,
+                    region: config.Region,
+                    prefix: key,
+                }],
+            }, function (AuthData) {
+                if (typeof AuthData === 'string') {
+                    AuthData = {Authorization: AuthData};
+                }
+                if (!AuthData.Authorization) {
+                    AuthData.Authorization = COS.getAuthorization({
+                        SecretId: AuthData.TmpSecretId,
+                        SecretKey: AuthData.TmpSecretKey,
+                        Method: 'get',
+                        Key: key,
+                    });
+                }
+                var link = 'http://' + config.Bucket + '.cos.' + config.Region + '.myqcloud.com' + '/' +
+                    camSafeUrlEncode(key).replace(/%2F/g, '/') + '?' + AuthData.Authorization +
+                    (AuthData.XCosSecurityToken ? '&x-cos-security-token=' + AuthData.XCosSecurityToken : '');
+                request({
+                    url: link,
+                    proxy: proxy,
+                }, function (err, response, body) {
+                    assert.ok(response.statusCode === 200);
+                    assert.ok(body === content);
+                    done();
+                });
+            });
+        });
+    });
+});
 
 group('getObjectUrl()', function () {
     test('getObjectUrl()', function (done, assert) {