make the behavior more clear from the Python code instead of buried b…

…ehind the C implementation
boto · Sep 3, 2024 · f1e047d · f1e047d
1 parent bbd449a
commit f1e047d
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/botocore/crt/auth.py b/botocore/crt/auth.py
@@ -495,8 +495,8 @@ def _apply_signing_changes(self, aws_request, signed_crt_request):
         aws_request.url = urlunsplit((p[0], p[1], p[2], signed_query, p[4]))
 
     def _should_add_content_sha256_header(self, existing_sha256, explicit_payload):
-        # only add X-Amz-Content-SHA256 header if header already exists.
-        return existing_sha256 is not None
+        # only add X-Amz-Content-SHA256 header if header already set to UNSIGNED_PAYLOAD
+        return existing_sha256 == UNSIGNED_PAYLOAD
 
 
 class CrtS3SigV4AsymQueryAuth(CrtSigV4AsymQueryAuth):
@@ -596,8 +596,8 @@ def _apply_signing_changes(self, aws_request, signed_crt_request):
         aws_request.url = urlunsplit((p[0], p[1], p[2], signed_query, p[4]))
 
     def _should_add_content_sha256_header(self, existing_sha256, explicit_payload):
-        # only add X-Amz-Content-SHA256 header if header already exists.
-        return existing_sha256 is not None
+        # only add X-Amz-Content-SHA256 header if header already set to UNSIGNED_PAYLOAD
+        return existing_sha256 == UNSIGNED_PAYLOAD
 
 
 class CrtS3SigV4QueryAuth(CrtSigV4QueryAuth):