fix: LSDV-5337: Pre-signed file proxy url clashing with already html encoded values causing errors in signature #4447

Merged
merged 7 commits into from
Jun 29, 2023

bmartel (Contributor) commented Jun 26, 2023

PR fulfills these requirements

  • Commit message(s) and PR title follows the format [fix|feat|ci|chore|doc]: TICKET-ID: Short description of change made ex. fix: DEV-XXXX: Removed inconsistent code usage causing intermittent errors
  • Tests for the changes have been added/updated (for bug fixes/features)
  • Docs have been added/updated (for bug fixes/features)
  • Best efforts were made to ensure docs/code are concise and coherent (checked for spelling/grammatical errors, commented out code, debug logs etc.)
  • Self-reviewed and ran all changes on a local instance (for bug fixes/features)

Change has impacts in these area(s)

(check all that apply)

  • Product design
  • Backend (Database)
  • Backend (API)
  • Frontend

Describe the reason for change

In some cases the values inside of the pre-signed storage uris could become double encoded for a portion of the string (either sourced this way, or parsed). This would then invalidate the signature when calculating the final presigned url, or possibly the resultant URL entirely.

What does this fix?

Switch from using a url encode/decode on the fileuri query param, and instead use a urlsafe base64 encode/decode. This way we can support all the various values which could be supported in the external storage(s) URI and not limit or break user functionality when using the presigned url options. There are also provisions for a fallback: if the base64 fails, it will operate with unquote on the string as it was before, which will serve to automatically migrate usage while it is in flight and local user caches invalidate.

What libraries were added/updated?

N/A.

Does this change affect performance?

No.

Does this change affect security?

No.

What feature flags were used to cover this change?

None.

Does this PR introduce a breaking change?

(check only one)

  • Yes, and covered entirely by feature flag(s)
  • Yes, and covered partially by feature flag(s)
  • No
  • Not sure (briefly explain the situation below)

What level of testing was included in the change?

(check all that apply)

  • e2e
  • integration
  • unit

Which logical domain(s) does this change affect?

ImportStorage, PresignedStorageData
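
The encoding change described in this PR, as an added example that is not Label Studio's code: it shows a storage URI being altered when a percent-encoded `fileuri` value is unquoted after the query parser has already decoded it, and the same URI surviving a URL-safe base64 round trip with an unquote fallback for older links. The route `PROXY_PATH`, the function names and the sample URI are hypothetical, and the double decode in `resolve_legacy` is an assumed failure mode.

```python
import base64
from urllib.parse import parse_qs, quote, unquote, urlsplit

# Constructed sample: an object key that legitimately contains "%20", "+" and "&".
STORAGE_URI = "s3://example-bucket/scans/report%20v1+final&draft.png"
PROXY_PATH = "/hypothetical/presign/"  # assumed route, not the project's


def proxy_url_quoted(uri):
    """Old style: percent-encode the URI into the fileuri parameter."""
    return f"{PROXY_PATH}?fileuri={quote(uri, safe='')}"


def proxy_url_b64(uri):
    """New style: URL-safe base64 keeps every byte opaque to URL parsers."""
    token = base64.urlsafe_b64encode(uri.encode("utf-8")).decode("ascii")
    return f"{PROXY_PATH}?fileuri={token}"


def _fileuri_param(url):
    # parse_qs percent-decodes once, as a web framework's query parser does.
    return parse_qs(urlsplit(url).query)["fileuri"][0]


def resolve_legacy(url):
    """Assumed old handler: unquote a value that was already decoded."""
    return unquote(_fileuri_param(url))


def resolve(url):
    """Try base64 first; fall back to unquote for links issued earlier."""
    value = _fileuri_param(url)
    try:
        # validate=True rejects characters outside the alphabet (":" in a
        # plain URI), so a legacy value is never mis-decoded as base64.
        raw = base64.b64decode(value, altchars=b"-_", validate=True)
        return raw.decode("utf-8")
    except ValueError:  # binascii.Error and UnicodeDecodeError both derive from it
        return unquote(value)


if __name__ == "__main__":
    print("legacy :", resolve_legacy(proxy_url_quoted(STORAGE_URI)))
    print("base64 :", resolve(proxy_url_b64(STORAGE_URI)))
    print("match  :", resolve(proxy_url_b64(STORAGE_URI)) == STORAGE_URI)
```

A presigned URL is computed over the exact object key, so the `%20` that the legacy path turns into a space points the signature at a different key than the one stored.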

netlify bot commented Jun 26, 2023

Deploy Preview for label-studio-docs-new-theme failed.

Name Link
🔨 Latest commit 2937dc6
🔍 Latest deploy log https://app.netlify.com/sites/label-studio-docs-new-theme/deploys/649b1ff228884800084991b5

netlify bot commented Jun 26, 2023

Deploy Preview for heartex-docs failed.

Name Link
🔨 Latest commit 2937dc6
🔍 Latest deploy log https://app.netlify.com/sites/heartex-docs/deploys/649b1ff20918fc0008f99b70

@github-actions github-actions bot added the fix label Jun 26, 2023
codecov bot commented Jun 27, 2023

Codecov Report

Patch coverage has no change and project coverage change: -0.01 ⚠️

Comparison is base (35618d5) 75.57% compared to head (2937dc6) 75.57%.

Additional details and impacted files
@@             Coverage Diff             @@
##           develop    #4447      +/-   ##
===========================================
- Coverage    75.57%   75.57%   -0.01%     
===========================================
  Files          156      156              
  Lines        12213    12219       +6     
===========================================
+ Hits          9230     9234       +4     
- Misses        2983     2985       +2     

see 2 files with indirect coverage changes


@bmartel bmartel merged commit e321639 into develop Jun 29, 2023
23 of 34 checks passed
wesleylima pushed a commit that referenced this pull request Aug 11, 2023
…encoded values causing errors in signature (#4447)

* fix: LSDV-5337: Pre-signed file proxy url clashing with already html encoded values causing errors in signature

* Update base_models.py

* updating tests to account for change in assertions of url structure, adding test to cover fallback scenario

* Adding a test to outline resolution and support of the upper limits of file uris in cloud storage

* removing any vendor specifics, just keep the characters

* don't need this in the stubs as it was triggering false positives on security
shayantabatabaee pushed a commit to shayantabatabaee/label-studio that referenced this pull request Sep 19, 2023
…encoded values causing errors in signature (HumanSignal#4447)