diff --git a/defaults/src/main/resources/default.properties b/defaults/src/main/resources/default.properties index f1d3c96e6bb..8581fa57fda 100644 --- a/defaults/src/main/resources/default.properties +++ b/defaults/src/main/resources/default.properties @@ -282,6 +282,7 @@ ftp.timezone.default= # Authentication header version # s3.signature.version=AWS2 s3.signature.version=AWS4HMACSHA256 +s3.signature.headers.exclude=Connection Authorization Proxy-Authorization Proxy-Connection # Default bucket location s3.location=us-east-1 diff --git a/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java b/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java index 946fcce4510..a6d3bd4b71d 100644 --- a/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java +++ b/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java @@ -378,23 +378,8 @@ public void process(final HttpRequest request, final HttpContext context) throws final class HttpHeaderFilter implements Predicate
{ @Override public boolean test(final Header header) { - if(HttpHeaders.AUTHORIZATION.equals(header.getName())) { - // Delete any previously set authorization header - return false; - } - if(HttpHeaders.CONNECTION.equals(header.getName())) { - return false; - } - if(HttpHeaders.PROXY_AUTHORIZATION.equals(header.getName())) { - return false; - } - if(HttpHeaders.PROXY_AUTHENTICATE.equals(header.getName())) { - return false; - } - if("Proxy-Connection".equals(header.getName())) { - return false; - } - return true; + return !new HostPreferences(host).getList("s3.signature.headers.exclude").stream() + .filter(s -> StringUtils.equalsIgnoreCase(s, header.getName())).findAny().isPresent(); } }