You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Likitha Shetty <li...@citrix.com> on 2013/02/01 07:10:30 UTC
Review Request: [EC2 Query API] Permission denied exception when a parameter
value contains space
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9230/
-----------------------------------------------------------
Review request for cloudstack and Prachi Damle.
Description
-------
Convert space characters in the parameters to %20 while forming a query string after url-encode because java.net.URLEncoder performs application/x-www-form-urlencoded-type encoding and not percent-encoding. According to RFC 3986 as required by Amazon, we need to percent-encode.
This addresses bug CLOUDSTACK-1125.
Diffs
-----
awsapi/src/com/cloud/bridge/service/EC2RestServlet.java 78e736f
Diff: https://reviews.apache.org/r/9230/diff/
Testing
-------
Make any EC2 Query API call with a space in the parameter value - the api call should be successfully executed and throw an error
Thanks,
Likitha Shetty
Re: Review Request: [EC2 Query API] Permission denied exception when a
parameter value contains space
Posted by Prachi Damle <pr...@citrix.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9230/#review16440
-----------------------------------------------------------
Likitha,
There seems to be a typo trying to replace ~ by %7E. YOu seem to be doing the other way instead.
The changes done seem to encode following 3 characters in the input URL: space, * and ~:
Please can you update if you tested all 3 inputs?
- Prachi Damle
On Feb. 1, 2013, 6:10 a.m., Likitha Shetty wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9230/
> -----------------------------------------------------------
>
> (Updated Feb. 1, 2013, 6:10 a.m.)
>
>
> Review request for cloudstack and Prachi Damle.
>
>
> Description
> -------
>
> Convert space characters in the parameters to %20 while forming a query string after url-encode because java.net.URLEncoder performs application/x-www-form-urlencoded-type encoding and not percent-encoding. According to RFC 3986 as required by Amazon, we need to percent-encode.
>
>
> This addresses bug CLOUDSTACK-1125.
>
>
> Diffs
> -----
>
> awsapi/src/com/cloud/bridge/service/EC2RestServlet.java 78e736f
>
> Diff: https://reviews.apache.org/r/9230/diff/
>
>
> Testing
> -------
>
> Make any EC2 Query API call with a space in the parameter value - the api call should be successfully executed and throw an error
>
>
> Thanks,
>
> Likitha Shetty
>
>
Re: Review Request: [EC2 Query API] Permission denied exception when a
parameter value contains space
Posted by Prachi Damle <pr...@citrix.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9230/#review16483
-----------------------------------------------------------
Ship it!
Ok, thanks for the changes. Committed to master.
- Prachi Damle
On Feb. 12, 2013, 12:18 p.m., Likitha Shetty wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9230/
> -----------------------------------------------------------
>
> (Updated Feb. 12, 2013, 12:18 p.m.)
>
>
> Review request for cloudstack and Prachi Damle.
>
>
> Description
> -------
>
> Convert space characters in the parameters to %20 while forming a query string after url-encode because java.net.URLEncoder performs application/x-www-form-urlencoded-type encoding and not percent-encoding. According to RFC 3986 as required by Amazon, we need to percent-encode.
>
>
> This addresses bug CLOUDSTACK-1125.
>
>
> Diffs
> -----
>
> awsapi/src/com/cloud/bridge/service/EC2RestServlet.java 5d151ba
>
> Diff: https://reviews.apache.org/r/9230/diff/
>
>
> Testing
> -------
>
> Make any EC2 Query API call with a space in the parameter value - the api call should be successfully executed and throw an error
>
>
> Thanks,
>
> Likitha Shetty
>
>
Re: Review Request: [EC2 Query API] Permission denied exception when a
parameter value contains space
Posted by Likitha Shetty <li...@citrix.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9230/
-----------------------------------------------------------
(Updated Feb. 12, 2013, 12:18 p.m.)
Review request for cloudstack and Prachi Damle.
Changes
-------
Thanks for the review Prachi.
I made the translation from %7E to ~ because according to rfc3986#section-2.4(http://tools.ietf.org/html/rfc3986#section-2.4), older URI processing implementations encode tilde ("~") character to "%7E". But when i used the Boto client i see that "~" is not encoded and there is no signature mismatch and so we don't have to replace the character after URL encoding. I have now updated the diff to remove 'replace ~ by %7E'.
Manual testing
1. Make any EC2 Query API call with a space in the parameter value - the api call should be successfully executed and throw an error
2. Repeat the same for chararcter "*"
When tested without the patch both steps throw a Permission denied exception
Also note,
1. "*" is urlencoded to "*" but percent encoded to %2A
2. "space" is urlencode to "+" but percent encoded to %20
Description
-------
Convert space characters in the parameters to %20 while forming a query string after url-encode because java.net.URLEncoder performs application/x-www-form-urlencoded-type encoding and not percent-encoding. According to RFC 3986 as required by Amazon, we need to percent-encode.
This addresses bug CLOUDSTACK-1125.
Diffs (updated)
-----
awsapi/src/com/cloud/bridge/service/EC2RestServlet.java 5d151ba
Diff: https://reviews.apache.org/r/9230/diff/
Testing
-------
Make any EC2 Query API call with a space in the parameter value - the api call should be successfully executed and throw an error
Thanks,
Likitha Shetty