From 1f828b475b12debeff5753a64de12e22c7b4dfe1 Mon Sep 17 00:00:00 2001
From: DarthSim <darthsim@gmail.com>
Date: Mon, 19 Aug 2024 18:26:47 +0300
Subject: [PATCH] Fix handling `#` symbols in non-HTTP(S) source URLs

---
 CHANGELOG.md          |  6 +++++-
 imagedata/download.go | 12 ++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9334b23c..0741b3ce 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,9 +1,13 @@
 # Changelog
 
 ## [Unreleased]
+# Add
 - (pro) Add [monochrome](https://docs.imgproxy.net/latest/usage/processing#monochrome) processing option.
 - (pro) Add [duotone](https://docs.imgproxy.net/latest/usage/processing#duotone) processing option.
 
+# Fix
+- Fix handling `#` symbols in `local://`, `s3://`, `gcs://`, `abs://`, and `swift://` URLs.
+
 ## [3.25.0] - 2024-07-08
 ### Add
 - Add [IMGPROXY_S3_ASSUME_ROLE_EXTERNAL_ID](https://docs.imgproxy.net/latest/configuration/options#IMGPROXY_S3_ASSUME_ROLE_EXTERNAL_ID) config.
@@ -28,7 +32,7 @@
 ### Fix
 - Fix HEIC/AVIF dimension limit handling.
 - Fix SVG detection when the root element has a namespace.
-- Fix treating percent-encoded symbols in `s3://`, `gcs://`, `abs://`, and `swift://` URLs.
+- Fix treating percent-encoded symbols in `local://`, `s3://`, `gcs://`, `abs://`, and `swift://` URLs.
 - (pro) Fix style injection to SVG.
 - (pro) Fix video tiles generation when the video's SAR is not `1`.
 
diff --git a/imagedata/download.go b/imagedata/download.go
index e46c92da..2e2fcfc9 100644
--- a/imagedata/download.go
+++ b/imagedata/download.go
@@ -7,6 +7,7 @@ import (
 	"io"
 	"net/http"
 	"net/http/cookiejar"
+	"net/url"
 	"strings"
 	"time"
 
@@ -139,6 +140,17 @@ func BuildImageRequest(ctx context.Context, imageURL string, header http.Header,
 		return nil, func() {}, ierrors.New(404, err.Error(), msgSourceImageIsUnreachable)
 	}
 
+	// S3, GCS, etc object keys may contain `#` symbol.
+	// `url.ParseRequestURI` unlike `url.Parse` does not cut-off the fragment part from the URL path.
+	if req.URL.Scheme != "http" && req.URL.Scheme != "https" {
+		u, err := url.ParseRequestURI(imageURL)
+		if err != nil {
+			reqCancel()
+			return nil, func() {}, ierrors.New(404, err.Error(), msgSourceImageIsUnreachable)
+		}
+		req.URL = u
+	}
+
 	if _, ok := enabledSchemes[req.URL.Scheme]; !ok {
 		reqCancel()
 		return nil, func() {}, ierrors.New(