Posted to notifications@couchdb.apache.org by "Richard Ellis (JIRA)" <ji...@apache.org> on 2016/05/20 08:49:12 UTC

[jira] [Created] (COUCHDB-3019) URL encoded characters in replication URL user info cause auth failures

Richard Ellis created COUCHDB-3019:
--------------------------------------

             Summary: URL encoded characters in replication URL user info cause auth failures
                 Key: COUCHDB-3019
                 URL: https://issues.apache.org/jira/browse/COUCHDB-3019
             Project: CouchDB
          Issue Type: Bug
          Components: Replication
            Reporter: Richard Ellis


Special characters in passwords cause authentication failures when they are URL encoded as part of a source or target property when POSTing to the _replicate endpoint.

Maybe this is a regression because this page suggests this was only an issue in older CouchDB versions: https://wiki.apache.org/couchdb/Replication#Username_Workaround_.28older_CouchDBs_only.29

Example with password "special%@password" on CouchDB 1.6.1:
POST /_replicate HTTP/1.1

{"source":"http://testuser:special%25%40password@localhost:5984/35d37f3362474b539269a7b84bc9d424","create_target":true,"target":"http://testuser:special%25%40password@localhost:5984/c4ffd94e3d4e432d941bdd59cfd2d541"}

HTTP/1.1 500 Internal Server Error
Server: CouchDB/1.6.1 (Erlang OTP/17)

{"error":"unauthorized","reason":"unauthorized to access or create database http://testuser:*****@localhost:5984/35d37f3362474b539269a7b84bc9d424/"}

The HEAD request to access the source database gets a 401:

[debug] [<0.203.0>] Minor error in HTTP request: {unauthorized,
                                                  <<"Name or password is incorrect.">>}
[debug] [<0.203.0>] Stacktrace: [{couch_httpd_auth,
                                     default_authentication_handler,1,
                                     [{file,"couch_httpd_auth.erl"},
                                      {line,81}]},
                                 {couch_httpd,authenticate_request,2,
                                     [{file,"couch_httpd.erl"},{line,401}]},
                                 {couch_httpd,handle_request_int,5,
                                     [{file,"couch_httpd.erl"},{line,316}]},
                                 {mochiweb_http,headers,5,
                                     [{file,"mochiweb_http.erl"},{line,94}]},
                                 {proc_lib,init_p_do_apply,3,
                                     [{file,"proc_lib.erl"},{line,237}]}]
[info] [<0.203.0>] 127.0.0.1 - - HEAD /35d37f3362474b539269a7b84bc9d424/ 401
[debug] [<0.203.0>] httpd 401 error response:
 {"error":"unauthorized","reason":"Name or password is incorrect."}




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
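
Added example (not part of the original report and not CouchDB's own code): one way for a client to keep special characters out of the replication URL, by percent-decoding the user info itself and sending the credentials as an Authorization header in the object form of "source"/"target" ("url" plus "headers"). The function names and the short database names are assumptions made for illustration; the report does not state a root cause and this example does not claim to show one.

```python
import base64
import json
from urllib.parse import unquote, urlsplit


def split_userinfo(db_url, decode=True):
    """Return (url_without_userinfo, user, password) for a replication URL."""
    parts = urlsplit(db_url)
    if parts.username is None:
        return db_url, None, None
    user, password = parts.username, parts.password or ""
    if decode:
        # urlsplit leaves userinfo percent-encoded. Decode only after the
        # split so an encoded ':' or '@' is never treated as a delimiter.
        user, password = unquote(user), unquote(password)
    bare = parts._replace(netloc=parts.netloc.rpartition("@")[2])
    return bare.geturl(), user, password


def basic_header(user, password):
    """Build the HTTP Basic Authorization header value."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def endpoint(db_url):
    """Replication endpoint with credentials moved from the URL into a header."""
    url, user, password = split_userinfo(db_url)
    if user is None:
        return url
    return {"url": url, "headers": {"Authorization": basic_header(user, password)}}


def replication_body(source, target, create_target=False):
    """JSON body for POST /_replicate."""
    return {"source": endpoint(source), "target": endpoint(target),
            "create_target": create_target}


if __name__ == "__main__":
    # Constructed sample: credentials and host from the report, short db names.
    src = "http://testuser:special%25%40password@localhost:5984/source_db"
    dst = "http://testuser:special%25%40password@localhost:5984/target_db"
    print(json.dumps(replication_body(src, dst, create_target=True), indent=2))
    # Using the same user info without decoding yields different credentials.
    _, u, p = split_userinfo(src, decode=False)
    print(basic_header(u, p) != endpoint(src)["headers"]["Authorization"])
```

The resulting body carries the password only inside the Authorization header, so anything that logs or stores the replication request should treat that header as a secret.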