You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/12/26 06:32:28 UTC

[GitHub] [apisix] ilteriseroglu-ty commented on a diff in pull request #8564: fix(proxy-rewrite): fix url normalization bypass

ilteriseroglu-ty commented on code in PR #8564:
URL: https://github.com/apache/apisix/pull/8564#discussion_r1057091242


##########
apisix/plugins/proxy-rewrite.lua:
##########
@@ -297,6 +297,8 @@ do
         else
             ctx.var.upstream_uri = upstream_uri
         end
+    else
+        ctx.var.upstream_uri = upstream_uri

Review Comment:
   To be quite honest, I don't know. _But_, a route to a GitLab API backend running at couple thousand requests/s has almost 50 percent error rate without this change because the request uri gets normalized _somewhere_ in the execution chain, even though it shouldn't be because `use_real_request_uri_unsafe` is set.
   
   For instance `/api/v4/projects/12345/repository/files/technology%2Ftest.yaml?ref=stage` will be normalized down to `/api/v4/projects/12345/repository/files/technology/test.yaml?ref=stage` without this change, which shouldn't happen as this route has `use_real_request_uri_unsafe` enabled (which we did confirm).



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org