Merge pull request #121 from livehigh/feat/2.11.3

Feat/2.11.4

Author: carsonxu

README.md

@@ -22,12 +22,19 @@ var cos = new COS({
     SecretId: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
     SecretKey: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
 });
+
+// 存储桶名称，由bucketname-appid 组成，appid必须填入，可以在COS控制台查看存储桶名称。 https://console.cloud.tencent.com/cos5/bucket
+var Bucket = 'test-1250000000';
+// 存储桶Region可以在COS控制台指定存储桶的概览页查看 https://console.cloud.tencent.com/cos5/bucket/ 
+// 关于地域的详情见 https://cloud.tencent.com/document/product/436/6224
+var Region = 'ap-guangzhou';
+
 // 分片上传
 cos.sliceUploadFile({
-    Bucket: 'test-1250000000', // Bucket 格式：test-1250000000
-    Region: 'ap-guangzhou',
+    Bucket: Bucket,
+    Region: Region,
     Key: '1.zip',
-    FilePath: './1.zip'
+    FilePath: './1.zip' // 本地文件地址，需自行替换
 }, function (err, data) {
     console.log(err, data);
 });

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cos-nodejs-sdk-v5",
-  "version": "2.11.3",
+  "version": "2.11.4",
   "description": "cos nodejs sdk v5",
   "main": "index.js",
   "types": "index.d.ts",

sdk/base.js

@@ -3133,20 +3133,14 @@ function getObjectUrl(params, callback) {
         queryParamsStr += (queryParamsStr ? '&' : '') + params.QueryString;
     }
 
-    // 签名加上 Host，避免跨桶访问
-    var SignHost = '';
-    var standardHost = 'cos.' + params.Region + '.myqcloud.com';
-    if (!self.options.ForcePathStyle) standardHost = params.Bucket + '.' + standardHost;
-    var urlHost = url.replace(/^https?:\/\/([^/]+)(\/.*)?$/, '$1');
-    if (standardHost === urlHost) SignHost = standardHost;
-
     var syncUrl = url;
     if (params.Sign !== undefined && !params.Sign) {
         queryParamsStr && (syncUrl += '?' + queryParamsStr);
         callback(null, {Url: syncUrl});
         return syncUrl;
     }
 
+    // 签名加上 Host，避免跨桶访问
     var SignHost = getSignHost.call(this, {Bucket: params.Bucket, Region: params.Region, Url: url});
     var AuthData = getAuthorizationAsync.call(this, {
         Action: ((params.Method || '').toUpperCase() === 'PUT' ? 'name/cos:PutObject' : 'name/cos:GetObject'),
@@ -3164,9 +3158,19 @@ function getObjectUrl(params, callback) {
             callback(err);
             return;
         }
+
+        // 兼容万象url qUrlParamList需要再encode一次
+        var replaceUrlParamList = function(url) {
+            var urlParams = url.match(/q-url-param-list.*?(?=&)/g)[0];
+            var encodedParams = 'q-url-param-list=' + encodeURIComponent(urlParams.replace(/q-url-param-list=/, '')).toLowerCase();
+            var reg = new RegExp(urlParams, 'g');
+            var replacedUrl = url.replace(reg, encodedParams);
+            return replacedUrl;
+        }
+
         var signUrl = url;
         signUrl += '?' + (AuthData.Authorization.indexOf('q-signature') > -1 ?
-            AuthData.Authorization : 'sign=' + encodeURIComponent(AuthData.Authorization));
+            replaceUrlParamList(AuthData.Authorization) : 'sign=' + encodeURIComponent(AuthData.Authorization));
         AuthData.SecurityToken && (signUrl += '&x-cos-security-token=' + AuthData.SecurityToken);
         AuthData.ClientIP && (signUrl += '&clientIP=' + AuthData.ClientIP);
         AuthData.ClientUA && (signUrl += '&clientUA=' + AuthData.ClientUA);
@@ -3324,7 +3328,7 @@ function getAuthorizationAsync(params, callback) {
     var headers = util.clone(params.Headers);
     var headerHost = '';
     util.each(headers, function (v, k) {
-        (v === '' || ['content-type', 'cache-control', 'expires'].indexOf(k.toLowerCase()) > -1) && delete headers[k];
+        (v === '' || ['content-type', 'cache-control'].indexOf(k.toLowerCase()) > -1) && delete headers[k];
         if (k.toLowerCase() === 'host') headerHost = v;
     });
 

sdk/cos.js

@@ -65,6 +65,14 @@ var COS = function (options) {
         if (this.options.secretKey && !this.options.SecretKey) this.options.SecretKey = this.options.secretKey;
         console.warn('warning: Please change options secretId/secretKey to SecretId/SecretKey.');
     }
+    if (this.options.SecretId && this.options.SecretId.indexOf(' ') > -1) {
+        console.error('error: SecretId格式错误，请检查');
+        console.error('error: SecretId format is incorrect. Please check');
+    }
+    if (this.options.SecretKey && this.options.SecretKey.indexOf(' ') > -1) {
+        console.error('error: SecretKey格式错误，请检查');
+        console.error('error: SecretKey format is incorrect. Please check');
+    }
     if (util.isWeb()) {
         console.warn('warning: cos-nodejs-sdk-v5 不支持浏览器使用，请改用 cos-js-sdk-v5，参考文档： https://cloud.tencent.com/document/product/436/11459');
         console.warn('warning: cos-nodejs-sdk-v5 does not support browsers. Please use cos-js-sdk-v5 instead, See: https://cloud.tencent.com/document/product/436/11459');

sdk/util.js

@@ -16,33 +16,56 @@ function camSafeUrlEncode(str) {
 }
 
 var getObjectKeys = function (obj, forKey) {
-  var list = [];
-  for (var key in obj) {
-      if (obj.hasOwnProperty(key)) {
-          list.push(forKey ? camSafeUrlEncode(key).toLowerCase() : key);
-      }
-  }
-  return list.sort(function (a, b) {
-      a = a.toLowerCase();
-      b = b.toLowerCase();
-      return a === b ? 0 : (a > b ? 1 : -1);
-  });
+    var list = [];
+    for (var key in obj) {
+        if (obj.hasOwnProperty(key)) {
+            list.push(forKey ? camSafeUrlEncode(key).toLowerCase() : key);
+        }
+    }
+    return list.sort(function (a, b) {
+        a = a.toLowerCase();
+        b = b.toLowerCase();
+        return a === b ? 0 : (a > b ? 1 : -1);
+    });
 };
 
-var obj2str = function (obj) {
-  var i, key, val;
-  var list = [];
-  var keyList = getObjectKeys(obj);
-  for (i = 0; i < keyList.length; i++) {
-      key = keyList[i];
-      val = (obj[key] === undefined || obj[key] === null) ? '' : ('' + obj[key]);
-      key = camSafeUrlEncode(key).toLowerCase();
-      val = camSafeUrlEncode(val) || '';
-      list.push(key + '=' + val)
-  }
-  return list.join('&');
+/**
+ * obj转为string
+ * @param  {Object}  obj                需要转的对象，必须
+ * @param  {Boolean} lowerCaseKey       key是否转为小写，默认false，非必须
+ * @return {String}  data               返回字符串
+ */
+var obj2str = function (obj, lowerCaseKey) {
+    var i, key, val;
+    var list = [];
+    var keyList = getObjectKeys(obj);
+    for (i = 0; i < keyList.length; i++) {
+        key = keyList[i];
+        val = (obj[key] === undefined || obj[key] === null) ? '' : ('' + obj[key]);
+        key = lowerCaseKey? camSafeUrlEncode(key).toLowerCase() : camSafeUrlEncode(key);
+        val = camSafeUrlEncode(val) || '';
+        list.push(key + '=' + val)
+    }
+    return list.join('&');
 };
 
+// 可以签入签名的headers
+var signHeaders = ['content-disposition', 'content-encoding', 'content-length', 'content-md5',
+    'expect', 'expires', 'host', 'if-match', 'if-modified-since', 'if-none-match', 'if-unmodified-since',
+    'origin', 'range', 'response-cache-control', 'response-content-disposition', 'response-content-encoding',
+    'response-content-language', 'response-content-type', 'response-expires', 'transfer-encoding', 'versionid'];
+
+var getSignHeaderObj = function (headers) {
+    var signHeaderObj = {};
+    for (var i in headers) {
+        var key = i.toLowerCase();
+        if (key.indexOf('x-cos-') > -1 || signHeaders.indexOf(key) > -1) {
+            signHeaderObj[i] = headers[i];
+        }
+    }
+    return signHeaderObj;
+}
+
 //测试用的key后面可以去掉
 var getAuth = function (opt) {
     opt = opt || {};
@@ -52,7 +75,7 @@ var getAuth = function (opt) {
     var KeyTime = opt.KeyTime;
     var method = (opt.method || opt.Method || 'get').toLowerCase();
     var queryParams = clone(opt.Query || opt.params || {});
-    var headers = clone(opt.Headers || opt.headers || {});
+    var headers = getSignHeaderObj(clone(opt.Headers || opt.headers || {}));
 
     var Key = opt.Key || '';
     var pathname;
@@ -93,7 +116,7 @@ var getAuth = function (opt) {
     var signKey = crypto.createHmac('sha1', SecretKey).update(qKeyTime).digest('hex');
 
     // 步骤二：构成 FormatString
-    var formatString = [method, pathname, obj2str(queryParams), obj2str(headers), ''].join('\n');
+    var formatString = [method, pathname, obj2str(queryParams, true), obj2str(headers, true), ''].join('\n');
     formatString = Buffer.from(formatString, 'utf8');
 
     // 步骤三：计算 StringToSign