This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 71%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
I'm using the Azure REST API to copy files from one folder to another (https://learn.microsoft.com/en-us/rest/api/storageservices/copy-file). All files and folders are in the same account, in the same file share, uploaded by the same user account via the portal. I'm using SharedKey auth and the key is the same for all requests. The authentication portion code is from https://github.com/Azure-Samples/storage-dotnet-rest-api-with-auth.git and the requests are made from that code, adapted for Get/Copy requests.
My problem is that attempting to copy some files results in a 403 Forbidden response. This appears to be linked to the file type. The file extension is not a factor. I can copy .jpg (and .jpeg), .txt, and .pdf files. I cannot copy .exe, .mp4 or .zip files. If I rename a .exe file with a .jpg extension on my dev machine, then upload to /source folder via the portal, attempting to copy via the API results in a Forbidden response. File size is not a factor, I have actual .jpg files copy successfully that are larger than the problem file types.
I cannot find any example or explanation for this. Testing details below.
(replace [myaccount] with a string, [some guid] confirmed not null and valid guid value)
Directories under my file share are:
/destination
/source
Test 01: copy th.jpeg from source to destination
Request:
{Method: PUT, RequestUri: 'https://[myaccount].file.core.windows.net/[myshare]/destination/th.jpeg', Version: 1.1, Content: <null>, Headers:
{
x-ms-date: Wed, 27 Jan 2021 15:13:28 GMT
x-ms-version: 2017-04-17
x-ms-copy-source: https://[myaccount].file.core.windows.net/[myshare]/source/th.jpeg
Authorization: SharedKey [myaccount]:18sCuTcbEOA5TLC11hCEH0pkK93Ln/Wk1BSRy0ytEAA=
Request-Id: [value is same as failed requests]
}}
Response:
{StatusCode: 202, ReasonPhrase: 'Accepted', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
ETag: "0x8D8C2D61A12C96B"
Server: Windows-Azure-File/1.0
Server: Microsoft-HTTPAPI/2.0
x-ms-request-id: [some guid]
x-ms-version: 2017-04-17
x-ms-copy-id: [some guid]
x-ms-copy-status: success
Date: Wed, 27 Jan 2021 15:13:28 GMT
Content-Length: 0
Last-Modified: Wed, 27 Jan 2021 15:13:28 GMT
}}
same requests for the following files work:
11866.jpg 207.77 KiB
pancakes.jpg 6.26 MiB
subcontractor.pdf 232.36 KiB
text.txt 908 B
Test 02: copy 2M.jpg from source to destination
Request:
{Method: PUT, RequestUri: 'https://[myaccount].file.core.windows.net/[myshare]/destination/2M.jpg', Version: 1.1, Content: <null>, Headers:
{
x-ms-date: Wed, 27 Jan 2021 15:16:51 GMT
x-ms-version: 2017-04-17
x-ms-copy-source: https://[myaccount].file.core.windows.net/[myshare]/source/2M.jpg
Authorization: SharedKey [myaccount]:QWYuXaE0Djs8k3xtOYMpZ831zX/mVD1Kwx1jgwDK9Oo=
Request-Id: [value is same as successful requests]
}}
Response:
{StatusCode: 403, ReasonPhrase: 'Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
Server: Microsoft-HTTPAPI/2.0
x-ms-request-id: [some guid]
Date: Wed, 27 Jan 2021 15:16:51 GMT
Content-Length: 763
Content-Type: application/xml
}}
same requests for the following files fail with the same status and reason:
15M.jpg 15.13 MiB
2M.jpg 2.77 MiB
7M.jpg 7.77 MiB
FCVideo.jpg 106.09 MiB
FCVideo.mp4 106.09 MiB
FluentConference.zip 1020.49 MiB
All jpg files in the above list are actually either .exe or .zip files that have been renamed.
@robertmglynn , thanks for your detailed post. Just to ensure, is it happening only with files where you change the extension type? Like for instance, .exe to .jpeg and such?
@Vignesh Balasubramanian the copy REST API call was working successfully with images and text files (.jpg, .txt). The call was failing with other file types like .exe, .mp4, .zip. So, I tried renaming a .mp4 file with a .jpg extension, and a .exe with a .jpg extension, on my local machine and copying that up to the source directory. Those (exe, mp4, zip) files still failed, even though they had a .jpg extension.
I also tested for file size, I have successfully copied .jpg files that are larger than some of the renamed .exe or .zip files.
One development I've found since posting this question, is that if I add a duplicate header, just adding a valid header twice to the same request, I get back a 403 Forbidden, instead of an expected 400 Bad Request or 500-series server error.
For clarity, I can make successful requests both before and after making bad ones, the executing code and access/security have not changed whatsoever.
@robertmglynn , sorry for the delay, didn't get notified. I understand. Thank you for the explanation. Are you using Shared Key as part of authorization header in Postman? I am not quite sure modifying the file type would work, if you look at the error message from Postman response and compare with the shared key that you are generating, there might be some difference which is why the Put calls are failing.