I need this to workaround a buggy client side JS framework which adds Content-Type header, even fot GET requests. This header messes up with S3 signed URLs because Amazon expects it to be present in the StringToSign but it's not.
With this patch one can specify what headers will be used to generate the signed url.
I myself didn't need the response_header parameter but noticed that Boto uses it so I added it.
Just want to add a vote for merging this, and noting that I do have a use case for response_headers support in url; I want to send clients a Content-Disposition header so that we can specify the filename that a browser uses to save the directly downloaded file which can be done if we send the "response-content-disposition" to S3. However, that header must be part of the StringToSign.
I currently get around this by sub-classing S3BotoStorage and hacking/mostly-copy-and-pasting in a very similar looking url() method as the one in the patch, but that is really ugly. Accepting this simple patch would greatly simplify it.