@@ -142,6 +142,38 @@ fn bucket_from_domain(url: &Url) -> anyhow::Result<String> {
142142 Ok ( domain_parts[ 0 ] . to_owned ( ) )
143143}
144144
145+ fn is_url_suspicious ( parsed_url_and_bucket : & Url ) -> bool {
146+ if parsed_url_and_bucket. query ( ) . is_some ( ) || parsed_url_and_bucket. fragment ( ) . is_some ( ) {
147+ warn ! (
148+ url = %parsed_url_and_bucket,
149+ "S3 bucket URL contains query or fragment, which looks suspicious"
150+ ) ;
151+ return true ;
152+ }
153+ if parsed_url_and_bucket. username ( ) != "" || parsed_url_and_bucket. password ( ) . is_some ( ) {
154+ warn ! (
155+ url = %parsed_url_and_bucket,
156+ "S3 bucket URL contains username or password, which looks suspicious"
157+ ) ;
158+ return true ;
159+ }
160+ if [ "https" , "http" ] . contains ( & parsed_url_and_bucket. scheme ( ) ) {
161+ warn ! (
162+ url = %parsed_url_and_bucket,
163+ "S3 bucket URL scheme is neither http nor https, which looks suspicious"
164+ ) ;
165+ return true ;
166+ }
167+ if parsed_url_and_bucket. host_str ( ) . is_none ( ) {
168+ warn ! (
169+ url = %parsed_url_and_bucket,
170+ "S3 bucket URL has no host, which looks suspicious"
171+ ) ;
172+ return true ;
173+ }
174+ false
175+ }
176+
145177fn split_url ( s3_bucket_url : & String ) -> anyhow:: Result < ( String , String ) > {
146178 // e.g BBBBBB.s3.bla.bli.amazonaws.blu, the bucket is part of the domain
147179 let s3_bucket_url = if s3_bucket_url. contains ( "minio:9000" ) {
@@ -154,6 +186,10 @@ fn split_url(s3_bucket_url: &String) -> anyhow::Result<(String, String)> {
154186 s3_bucket_url. to_owned ( )
155187 } ;
156188 let parsed_url_and_bucket = url:: Url :: parse ( & s3_bucket_url) ?;
189+ if is_url_suspicious ( & parsed_url_and_bucket) {
190+ error ! ( s3_bucket_url, "S3 bucket URL looks suspicious" ) ;
191+ return Err ( anyhow:: Error :: msg ( "S3 bucket URL looks suspicious" ) ) ;
192+ }
157193 let mut bucket = parsed_url_and_bucket
158194 . path ( )
159195 . trim_start_matches ( '/' )
0 commit comments