Describe the bug
When deleting an object, the request includes content-length: 0 and content-type: text/plain in the SigV4 signature. A DELETE has no body, so these headers should not be part of the canonical request. AWS S3 tolerates this, but Cloudflare R2 enforces SigV4 more strictly and rejects the request with 403 SignatureDoesNotMatch ("The request signature we calculated does not match the signature you provided"). The result is that no object can ever be deleted on R2, while PUT, GET and HEAD all work fine.
To Reproduce
Configure a bucket against a Cloudflare R2 endpoint with credentials, put an object, then call bucket.delete_object(path). The PUT succeeds; the DELETE returns 403 SignatureDoesNotMatch. The same call against AWS S3 succeeds, which is why it often goes unnoticed.
Environment
- lib version [e.g.
0.22.12]: 0.37.2
Describe the bug
When deleting an object, the request includes content-length: 0 and content-type: text/plain in the SigV4 signature. A DELETE has no body, so these headers should not be part of the canonical request. AWS S3 tolerates this, but Cloudflare R2 enforces SigV4 more strictly and rejects the request with 403 SignatureDoesNotMatch ("The request signature we calculated does not match the signature you provided"). The result is that no object can ever be deleted on R2, while PUT, GET and HEAD all work fine.
To Reproduce
Configure a bucket against a Cloudflare R2 endpoint with credentials, put an object, then call bucket.delete_object(path). The PUT succeeds; the DELETE returns 403 SignatureDoesNotMatch. The same call against AWS S3 succeeds, which is why it often goes unnoticed.
Environment
0.22.12]: 0.37.2