You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@spark.apache.org by GitBox <gi...@apache.org> on 2020/11/30 15:06:27 UTC

[GitHub] [spark] gengliangwang opened a new pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

gengliangwang opened a new pull request #30552:
URL: https://github.com/apache/spark/pull/30552


   <!--
   Thanks for sending a pull request!  Here are some tips for you:
     1. If this is your first time, please read our contributor guidelines: https://spark.apache.org/contributing.html
     2. Ensure you have added or run the appropriate tests for your PR: https://spark.apache.org/developer-tools.html
     3. If the PR is unfinished, add '[WIP]' in your PR title, e.g., '[WIP][SPARK-XXXX] Your PR title ...'.
     4. Be sure to keep the PR description updated to reflect all changes.
     5. Please write your PR title to summarize what this PR proposes.
     6. If possible, provide a concise example to reproduce the issue for a faster review.
     7. If you want to add a new configuration, please read the guideline first for naming configurations in
        'core/src/main/scala/org/apache/spark/internal/config/ConfigEntry.scala'.
   -->
   
   ### What changes were proposed in this pull request?
   <!--
   Please clarify what changes you are proposing. The purpose of this section is to outline the changes and how this PR fixes the issue. 
   If possible, please consider writing useful notes for better and faster reviews in your PR. See the examples below.
     1. If you refactor some codes with changing classes, showing the class hierarchy will help reviewers.
     2. If you fix some SQL features, you can provide some references of other DBMSes.
     3. If there is design documentation, please add the link.
     4. If there is a discussion in the mailing list, please add the link.
   -->
   
   When running Spark with reverse proxy enabled, the query parameter of the request URL can be encoded twice: one from the browser and another one from the reverse proxy(e.g. Nginx).
   
   In Spark's stage page, the URL of "/taskTable" contains query parameter order[0][dir]. After encoding twice, the query parameter becomes `order%255B0%255D%255Bdir%255D` and it will be decoded as `order%5B0%5D%5Bdir%5D` instead of `order[0][dir]`. As a result, there will be NullPointerException from https://github.com/apache/spark/blob/master/core/src/main/scala/org/apache/spark/status/api/v1/StagesResource.scala#L176
   
   Other than that, the other parameter may not work as expected after encoded twice.
   
   This PR is to decode the query parameters of the redirect URL for reverse proxy and fix the problem. 
   ### Why are the changes needed?
   <!--
   Please clarify why the changes are needed. For instance,
     1. If you propose a new API, clarify the use case for a new API.
     2. If you fix a bug, you can clarify why it is a bug.
   -->
   Fix a potential bug when Spark's reverse proxy is enabled.
   The bug itself is similar to https://github.com/apache/spark/pull/29271.
   
   ### Does this PR introduce _any_ user-facing change?
   <!--
   Note that it means *any* user-facing change including all aspects such as the documentation fix.
   If yes, please clarify the previous behavior and the change this PR proposes - provide the console output, description and/or an example to show the behavior difference if possible.
   If possible, please also clarify if this is a user-facing change compared to the released Spark versions or within the unreleased branches such as master.
   If no, write 'No'.
   -->
   No
   
   ### How was this patch tested?
   <!--
   If tests were added, say they were added here. Please make sure to add some test cases that check the changes thoroughly including negative and positive cases if possible.
   If it was tested in a way different from regular unit tests, please clarify how you tested step by step, ideally copy and paste-able, so that other reviewers can test and check, and descendants can verify in the future.
   If tests were not added, please describe why they were not added and/or why it was difficult to add.
   -->
   Add a new unit test.
   Also, Manual UI testing for master, worker and app UI with an nginx proxy
   
   Spark config:
   ```
   spark.ui.port 8080
   spark.ui.reverseProxy=true
   spark.ui.reverseProxyUrl=/path/to/spark/
   ```
   nginx config:
   ```
   server {
       listen 9000;
       set $SPARK_MASTER http://127.0.0.1:8080;
       # split spark UI path into prefix and local path within master UI
       location ~ ^(/path/to/spark/) {
           # strip prefix when forwarding request
           rewrite /path/to/spark(/.*) $1  break;
           #rewrite /path/to/spark/ "/" ;
           # forward to spark master UI
           proxy_pass $SPARK_MASTER;
           proxy_intercept_errors on;
           error_page 301 302 307 = @handle_redirects;
       }
       location @handle_redirects {
           set $saved_redirect_location '$upstream_http_location';
           proxy_pass $saved_redirect_location;
       }
   }
   ```
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #30552:
URL: https://github.com/apache/spark/pull/30552#issuecomment-735860143


   **[Test build #131995 has finished](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/131995/testReport)** for PR 30552 at commit [`0b84816`](https://github.com/apache/spark/commit/0b848161332b22ee995486b74ca1ecaa3085a4ab).
    * This patch **fails to build**.
    * This patch merges cleanly.
    * This patch adds no public classes.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang commented on a change in pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
gengliangwang commented on a change in pull request #30552:
URL: https://github.com/apache/spark/pull/30552#discussion_r532666551



##########
File path: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
##########
@@ -401,15 +403,16 @@ private[spark] object JettyUtils extends Logging {
       uri.append(rest)
     }
 
-    val rewrittenURI = URI.create(uri.toString())
+    val rewrittenURI = URI.create(uri.toString()).normalize()

Review comment:
       For this one, I am not very confident to decode the URI, which may break the `authority` part of the URI.
   To be safe, let's decode the parameter only in this PR.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA removed a comment on pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
SparkQA removed a comment on pull request #30552:
URL: https://github.com/apache/spark/pull/30552#issuecomment-735856946


   **[Test build #131995 has started](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/131995/testReport)** for PR 30552 at commit [`0b84816`](https://github.com/apache/spark/commit/0b848161332b22ee995486b74ca1ecaa3085a4ab).


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang commented on pull request #30552: [SPARK-33611][UI] Avoid encoding twice on the query parameter of rewritten proxy URL

Posted by GitBox <gi...@apache.org>.
gengliangwang commented on pull request #30552:
URL: https://github.com/apache/spark/pull/30552#issuecomment-736706578






----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang commented on a change in pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
gengliangwang commented on a change in pull request #30552:
URL: https://github.com/apache/spark/pull/30552#discussion_r532665674



##########
File path: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
##########
@@ -401,15 +403,16 @@ private[spark] object JettyUtils extends Logging {
       uri.append(rest)
     }
 
-    val rewrittenURI = URI.create(uri.toString())
+    val rewrittenURI = URI.create(uri.toString()).normalize()
     if (query != null) {
+      val decodedQuery = decodeURL(query, defaultUrlEncoding)

Review comment:
       I also try decoding twice here. It works as well. 




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] srowen commented on a change in pull request #30552: [SPARK-33611][UI] Avoid encoding twice on the query parameter of rewritten proxy URL

Posted by GitBox <gi...@apache.org>.
srowen commented on a change in pull request #30552:
URL: https://github.com/apache/spark/pull/30552#discussion_r533460977



##########
File path: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
##########
@@ -401,17 +401,13 @@ private[spark] object JettyUtils extends Logging {
       uri.append(rest)
     }
 
-    val rewrittenURI = URI.create(uri.toString())
-    if (query != null) {
-      return new URI(
-          rewrittenURI.getScheme(),
-          rewrittenURI.getAuthority(),
-          rewrittenURI.getPath(),
-          query,
-          rewrittenURI.getFragment()
-        ).normalize()
+    val queryString = if (query == null) {
+      ""
+    } else {
+      s"?$query"
     }
-    rewrittenURI.normalize()
+    // SPARK-33611: use method `URI.create` to avoid percent-encoding twice on the query string.
+    URI.create(uri.toString() + queryString).normalize()

Review comment:
       toString() is unnecesary here BTW.
   So this relies on query already being escaped. That may be fine for the logic of this code, although in another world it would have been better to let this method take unescaped query strings and manage it here.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins removed a comment on pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
AmplabJenkins removed a comment on pull request #30552:
URL: https://github.com/apache/spark/pull/30552#issuecomment-735860159






----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang closed pull request #30552: [SPARK-33611][UI] Avoid encoding twice on the query parameter of rewritten proxy URL

Posted by GitBox <gi...@apache.org>.
gengliangwang closed pull request #30552:
URL: https://github.com/apache/spark/pull/30552


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] srowen commented on a change in pull request #30552: [SPARK-33611][UI] Avoid encoding twice on the query parameter of rewritten proxy URL

Posted by GitBox <gi...@apache.org>.
srowen commented on a change in pull request #30552:
URL: https://github.com/apache/spark/pull/30552#discussion_r533479958



##########
File path: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
##########
@@ -401,17 +401,13 @@ private[spark] object JettyUtils extends Logging {
       uri.append(rest)
     }
 
-    val rewrittenURI = URI.create(uri.toString())
-    if (query != null) {
-      return new URI(
-          rewrittenURI.getScheme(),
-          rewrittenURI.getAuthority(),
-          rewrittenURI.getPath(),
-          query,
-          rewrittenURI.getFragment()
-        ).normalize()
+    val queryString = if (query == null) {
+      ""
+    } else {
+      s"?$query"
     }
-    rewrittenURI.normalize()
+    // SPARK-33611: use method `URI.create` to avoid percent-encoding twice on the query string.
+    URI.create(uri.toString() + queryString).normalize()

Review comment:
       Oh right, OK, ignore the toString() comment.
   I just mean that semantically, encoding is a URI detail. The program should probably not worry about it except when going to and from URIs. But that's not how this code is structured. It clearly already expects and escaped string as argument, which then means callers have to deal with it. But, I don't think it's necessary to change. If it is escaped then yes this is a fix.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #30552:
URL: https://github.com/apache/spark/pull/30552#issuecomment-735856946


   **[Test build #131995 has started](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/131995/testReport)** for PR 30552 at commit [`0b84816`](https://github.com/apache/spark/commit/0b848161332b22ee995486b74ca1ecaa3085a4ab).


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang commented on a change in pull request #30552: [SPARK-33611][UI] Avoid encoding twice on the query parameter of rewritten proxy URL

Posted by GitBox <gi...@apache.org>.
gengliangwang commented on a change in pull request #30552:
URL: https://github.com/apache/spark/pull/30552#discussion_r533475978



##########
File path: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
##########
@@ -401,17 +401,13 @@ private[spark] object JettyUtils extends Logging {
       uri.append(rest)
     }
 
-    val rewrittenURI = URI.create(uri.toString())
-    if (query != null) {
-      return new URI(
-          rewrittenURI.getScheme(),
-          rewrittenURI.getAuthority(),
-          rewrittenURI.getPath(),
-          query,
-          rewrittenURI.getFragment()
-        ).normalize()
+    val queryString = if (query == null) {
+      ""
+    } else {
+      s"?$query"
     }
-    rewrittenURI.normalize()
+    // SPARK-33611: use method `URI.create` to avoid percent-encoding twice on the query string.
+    URI.create(uri.toString() + queryString).normalize()

Review comment:
       Thanks for the suggestion, Sean.
   > toString() is unnecesary here BTW.
   
   `uri` is `StringBuilder` here. The original code also use toString().
   
   > So this relies on query already being escaped. That may be fine for the logic of this code, although in another world it would have been better to let this method take unescaped query strings and manage it here.
   
   The query string here should be encoded already.  I am not very familiar with this topic. Is there any better solution to handle both escaped/unescaped query string?




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins commented on pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
AmplabJenkins commented on pull request #30552:
URL: https://github.com/apache/spark/pull/30552#issuecomment-735860159






----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang commented on a change in pull request #30552: [SPARK-33611][UI] Decode Query parameters of the redirect URL for reverse proxy

Posted by GitBox <gi...@apache.org>.
gengliangwang commented on a change in pull request #30552:
URL: https://github.com/apache/spark/pull/30552#discussion_r532666551



##########
File path: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
##########
@@ -401,15 +403,16 @@ private[spark] object JettyUtils extends Logging {
       uri.append(rest)
     }
 
-    val rewrittenURI = URI.create(uri.toString())
+    val rewrittenURI = URI.create(uri.toString()).normalize()

Review comment:
       For this one, I am not very confident to decode the URI, which may break the `authority` part of the URI.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org