External storage and codec server sample #307
Semgrep found 6
Risk: Affected versions of aiohttp are vulnerable to Allocation of Resources Without Limits or Throttling / Improper Handling of Highly Compressed Data (Data Amplification). Unbounded decompression of compressed request bodies in aiohttp's server allows an attacker to send a specially crafted "zip bomb" (e.g. via Content-Encoding: gzip) that expands to an arbitrarily large payload in memory, exhausting host resources and causing a denial-of-service.
Fix: Upgrade this library to at least version 3.13.3 at samples-python/uv.lock:65.
Reference(s): GHSA-6mq8-rvhq-8wgg, CVE-2025-69223
cconstable left a comment
👍 Very neat. Learned about X-Namespace and preserveStorageRefs from reviewing this.
What was changed
Add sample for external storage with codec server that supports multiple namespaces and downloads.
Why?
Provide a baseline reference for how to use external storage with the S3 driver and an updated codec server.
Checklist