You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficcontrol.apache.org by GitBox <gi...@apache.org> on 2018/11/06 20:09:13 UTC
[GitHub] mitchell852 closed pull request #2993: TO client: properly escapes
names passed to traffic ops API
mitchell852 closed pull request #2993: TO client: properly escapes names passed to traffic ops API
URL: https://github.com/apache/trafficcontrol/pull/2993
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/infrastructure/cdn-in-a-box/traffic_ops_data/deliveryservices/010-ciab.json b/infrastructure/cdn-in-a-box/traffic_ops_data/deliveryservices/010-ciab.json
index 32d95d077..8cf57eb1d 100644
--- a/infrastructure/cdn-in-a-box/traffic_ops_data/deliveryservices/010-ciab.json
+++ b/infrastructure/cdn-in-a-box/traffic_ops_data/deliveryservices/010-ciab.json
@@ -17,7 +17,6 @@
"multiSiteOrigin": false,
"missLat": 42.0,
"missLong": -88.0,
- "profileName": "",
"qstringIgnore": 0,
"rangeRequestHandling": 0,
"regionalGeoBlocking": false,
diff --git a/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/060-GLOBAL.json b/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/060-GLOBAL.json
deleted file mode 100644
index cfc309f21..000000000
--- a/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/060-GLOBAL.json
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- "cdnName": "ALL",
- "name": "GLOBAL",
- "type": "UNK_PROFILE",
- "description": "Global Traffic Ops profile, DO NOT DELETE",
- "params": [
- {
- "configFile": "global",
- "name": "tm.url",
- "value": "https://trafficops.infra.ciab.test:443/"
- },
- {
- "configFile": "global",
- "name": "tm.logourl",
- "value": "/images/tc_logo.png"
- },
- {
- "configFile": "global",
- "name": "tm.instance_name",
- "value": "CDN-In-A-Box"
- },
- {
- "configFile": "global",
- "name": "tm.toolname",
- "value": "Traffic Ops"
- },
- {
- "configFile": "global",
- "name": "use_reval_pending",
- "value": "0"
- },
- {
- "configFile": "global",
- "name": "use_tenancy",
- "value": "1"
- },
- {
- "configFile": "global",
- "name": "default_geo_miss_latitude",
- "value": "0"
- },
- {
- "configFile": "global",
- "name": "default_geo_miss_longitude",
- "value": "-1"
- }
- ]
-}
diff --git a/traffic_ops/client/cachegroup.go b/traffic_ops/client/cachegroup.go
index e0dd5adf5..ad43ced18 100644
--- a/traffic_ops/client/cachegroup.go
+++ b/traffic_ops/client/cachegroup.go
@@ -21,6 +21,7 @@ import (
"fmt"
"net"
"net/http"
+ "net/url"
"github.com/apache/trafficcontrol/lib/go-tc"
)
@@ -253,7 +254,7 @@ func (to *Session) GetCacheGroupByID(id int) ([]tc.CacheGroup, ReqInf, error) {
// GET a CacheGroup by the CacheGroup name
func (to *Session) GetCacheGroupNullableByName(name string) ([]tc.CacheGroupNullable, ReqInf, error) {
- url := fmt.Sprintf("%s?name=%s", API_v13_CacheGroups, name)
+ url := fmt.Sprintf("%s?name=%s", API_v13_CacheGroups, url.QueryEscape(name))
resp, remoteAddr, err := to.request(http.MethodGet, url, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
if err != nil {
@@ -272,7 +273,7 @@ func (to *Session) GetCacheGroupNullableByName(name string) ([]tc.CacheGroupNull
// GET a CacheGroup by the CacheGroup name
// Deprecated: use GetCachegroupNullableByName
func (to *Session) GetCacheGroupByName(name string) ([]tc.CacheGroup, ReqInf, error) {
- url := fmt.Sprintf("%s?name=%s", API_v13_CacheGroups, name)
+ url := fmt.Sprintf("%s?name=%s", API_v13_CacheGroups, url.QueryEscape(name))
resp, remoteAddr, err := to.request(http.MethodGet, url, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
if err != nil {
diff --git a/traffic_ops/client/cdn.go b/traffic_ops/client/cdn.go
index 008f38491..4503a783f 100644
--- a/traffic_ops/client/cdn.go
+++ b/traffic_ops/client/cdn.go
@@ -20,6 +20,7 @@ import (
"fmt"
"net"
"net/http"
+ "net/url"
"github.com/apache/trafficcontrol/lib/go-tc"
)
@@ -101,7 +102,7 @@ func (to *Session) GetCDNByID(id int) ([]tc.CDN, ReqInf, error) {
// GET a CDN by the CDN name
func (to *Session) GetCDNByName(name string) ([]tc.CDN, ReqInf, error) {
- url := fmt.Sprintf("%s?name=%s", API_v13_CDNs, name)
+ url := fmt.Sprintf("%s?name=%s", API_v13_CDNs, url.QueryEscape(name))
resp, remoteAddr, err := to.request(http.MethodGet, url, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
if err != nil {
diff --git a/traffic_ops/client/deliveryservice_requests.go b/traffic_ops/client/deliveryservice_requests.go
index e01182da9..249506c57 100644
--- a/traffic_ops/client/deliveryservice_requests.go
+++ b/traffic_ops/client/deliveryservice_requests.go
@@ -22,6 +22,7 @@ import (
"io/ioutil"
"net"
"net/http"
+ "net/url"
"github.com/apache/trafficcontrol/lib/go-tc"
)
@@ -131,7 +132,7 @@ func (to *Session) GetDeliveryServiceRequests() ([]tc.DeliveryServiceRequest, Re
// GET a DeliveryServiceRequest by the DeliveryServiceRequest XMLID
func (to *Session) GetDeliveryServiceRequestByXMLID(XMLID string) ([]tc.DeliveryServiceRequest, ReqInf, error) {
- route := fmt.Sprintf("%s?xmlId=%s", API_DS_REQUESTS, XMLID)
+ route := fmt.Sprintf("%s?xmlId=%s", API_DS_REQUESTS, url.QueryEscape(XMLID))
resp, remoteAddr, err := to.request(http.MethodGet, route, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
diff --git a/traffic_ops/client/origin.go b/traffic_ops/client/origin.go
index 9e89d66de..222b24901 100644
--- a/traffic_ops/client/origin.go
+++ b/traffic_ops/client/origin.go
@@ -21,6 +21,7 @@ import (
"fmt"
"net"
"net/http"
+ "net/url"
"github.com/apache/trafficcontrol/lib/go-tc"
)
@@ -168,7 +169,7 @@ func (to *Session) GetOriginByID(id int) ([]tc.Origin, ReqInf, error) {
// GET an Origin by the Origin name
func (to *Session) GetOriginByName(name string) ([]tc.Origin, ReqInf, error) {
- return to.GetOriginsByQueryParams(fmt.Sprintf("?name=%s", name))
+ return to.GetOriginsByQueryParams(fmt.Sprintf("?name=%s", url.QueryEscape(name)))
}
// GET a list of Origins by Delivery Service ID
diff --git a/traffic_ops/client/phys_location.go b/traffic_ops/client/phys_location.go
index baa326f76..3ce22619f 100644
--- a/traffic_ops/client/phys_location.go
+++ b/traffic_ops/client/phys_location.go
@@ -21,6 +21,7 @@ import (
"fmt"
"net"
"net/http"
+ "net/url"
"github.com/apache/trafficcontrol/lib/go-tc"
)
@@ -111,7 +112,7 @@ func (to *Session) GetPhysLocationByID(id int) ([]tc.PhysLocation, ReqInf, error
// GET a PhysLocation by the PhysLocation name
func (to *Session) GetPhysLocationByName(name string) ([]tc.PhysLocation, ReqInf, error) {
- url := fmt.Sprintf("%s?name=%s", API_v13_PhysLocations, name)
+ url := fmt.Sprintf("%s?name=%s", API_v13_PhysLocations, url.QueryEscape(name))
resp, remoteAddr, err := to.request(http.MethodGet, url, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
if err != nil {
diff --git a/traffic_ops/client/region.go b/traffic_ops/client/region.go
index 5eb4df8b8..5d9146e11 100644
--- a/traffic_ops/client/region.go
+++ b/traffic_ops/client/region.go
@@ -21,6 +21,7 @@ import (
"fmt"
"net"
"net/http"
+ "net/url"
"github.com/apache/trafficcontrol/lib/go-tc"
)
@@ -112,7 +113,7 @@ func (to *Session) GetRegionByID(id int) ([]tc.Region, ReqInf, error) {
// GET a Region by the Region name
func (to *Session) GetRegionByName(name string) ([]tc.Region, ReqInf, error) {
- url := fmt.Sprintf("%s?name=%s", API_v13_REGIONS, name)
+ url := fmt.Sprintf("%s?name=%s", API_v13_REGIONS, url.QueryEscape(name))
resp, remoteAddr, err := to.request(http.MethodGet, url, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
if err != nil {
@@ -144,7 +145,7 @@ func (to *Session) DeleteRegionByID(id int) (tc.Alerts, ReqInf, error) {
// GetRegionByNamePath gets a region by name, using the /api/version/region/name path. This gets the same data as GetRegionByName, but uses a different API path to get the same data, and returns a slightly different format.
func (to *Session) GetRegionByNamePath(name string) ([]tc.RegionName, ReqInf, error) {
- url := apiBase + `/regions/name/` + name
+ url := apiBase + `/regions/name/` + url.QueryEscape(name)
reqResp, remoteAddr, err := to.request(http.MethodGet, url, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
if err != nil {
diff --git a/traffic_ops/client/role.go b/traffic_ops/client/role.go
index d403cfc61..5e0c18547 100644
--- a/traffic_ops/client/role.go
+++ b/traffic_ops/client/role.go
@@ -20,6 +20,7 @@ import (
"fmt"
"net"
"net/http"
+ "net/url"
"github.com/apache/trafficcontrol/lib/go-tc"
)
@@ -106,7 +107,7 @@ func (to *Session) GetRoleByID(id int) ([]tc.Role, ReqInf, int, error) {
// GET a Role by the Role name
func (to *Session) GetRoleByName(name string) ([]tc.Role, ReqInf, int, error) {
- url := fmt.Sprintf("%s?name=%s", API_v13_ROLES, name)
+ url := fmt.Sprintf("%s?name=%s", API_v13_ROLES, url.QueryEscape(name))
resp, remoteAddr, errClient := to.rawRequest(http.MethodGet, url, nil)
reqInf := ReqInf{CacheHitStatus: CacheHitStatusMiss, RemoteAddr: remoteAddr}
if resp != nil {
diff --git a/traffic_ops/client/traffic_monitor.go b/traffic_ops/client/traffic_monitor.go
index 73905a65a..bd8528aa7 100644
--- a/traffic_ops/client/traffic_monitor.go
+++ b/traffic_ops/client/traffic_monitor.go
@@ -3,6 +3,7 @@ package client
import (
"encoding/json"
"fmt"
+
"github.com/apache/trafficcontrol/lib/go-tc"
)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services