From d817ab3706ab72ae7d26ea91ccdc43473a8daf27 Mon Sep 17 00:00:00 2001
From: Evgenii Baidakov <evgenii@nspcc.io>
Date: Thu, 21 Nov 2024 12:39:58 +0400
Subject: [PATCH] authmate: Check endpoint validity for presigned URL

Closes #1025.

Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
---
 cmd/s3-authmate/main.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cmd/s3-authmate/main.go b/cmd/s3-authmate/main.go
index 478b095e..f79f69ce 100644
--- a/cmd/s3-authmate/main.go
+++ b/cmd/s3-authmate/main.go
@@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"net/url"
 	"os"
 	"os/signal"
 	"runtime"
@@ -477,6 +478,15 @@ It will be ceil rounded to the nearest amount of epoch.`,
 				})
 			}
 
+			u, err := url.Parse(endpointFlag)
+			if err != nil {
+				return fmt.Errorf("invalid endpoint %q: %w", endpointFlag, err)
+			}
+
+			if u.Scheme != "http" && u.Scheme != "https" {
+				return fmt.Errorf("invalid endpoint %[1]q, you must specify scheme. For instance: http://%[1]s or https://%[1]s", endpointFlag, err)
+			}
+
 			sess, err := session.NewSessionWithOptions(session.Options{
 				Config:            cfg,
 				Profile:           profileFlag,