fix: remove authorization header from core.windows.net requests for A…

…zure docker registries
renovatebot · Jul 1, 2020 · 09dbe60 · 09dbe60
1 parent d70b8c1
commit 09dbe60
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/lib/util/http/index.ts b/lib/util/http/index.ts
@@ -81,8 +81,11 @@ export class Http<GetOptions = HttpOptions, PostOptions = HttpPostOptions> {
     options.hooks = {
       beforeRedirect: [
         (opts: any): void => {
-          // Check if request has been redirected to Amazon
-          if (opts.search?.includes('X-Amz-Algorithm')) {
+          // Check if request has been redirected to Amazon or an Azure blob (ACR)
+          if (
+            opts.search?.includes('X-Amz-Algorithm') ||
+            opts.hostname?.endsWith('blob.core.windows.net')
+          ) {
             // if there is no port in the redirect URL string, then delete it from the redirect options.
             // This can be evaluated for removal after upgrading to Got v10
             const portInUrl = opts.href.split('/')[2].split(':')[1];
@@ -91,7 +94,8 @@ export class Http<GetOptions = HttpOptions, PostOptions = HttpPostOptions> {
               delete opts.port; // Redirect will instead use 80 or 443 for HTTP or HTTPS respectively
             }
 
-            // registry is hosted on amazon, redirect url includes authentication.
+            // registry is hosted on Amazon or Azure blob, redirect url includes
+            // authentication which is not required and should be removed
             delete opts.headers.authorization; // eslint-disable-line no-param-reassign
             delete opts.auth; // eslint-disable-line no-param-reassign
           }