You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Jeffrey E Rodriguez (JIRA)" <ji...@apache.org> on 2017/03/23 13:34:41 UTC

[jira] [Created] (KNOX-912) introduce a rule "decode" attribute to overwrite encoding behavior

Jeffrey E  Rodriguez created KNOX-912:
-----------------------------------------

             Summary: introduce a rule "decode" attribute to overwrite encoding behavior
                 Key: KNOX-912
                 URL: https://issues.apache.org/jira/browse/KNOX-912
             Project: Apache Knox
          Issue Type: Improvement
          Components: Server
    Affects Versions: 0.13.0
         Environment: all
            Reporter: Jeffrey E  Rodriguez
            Assignee: Jeffrey E  Rodriguez


KNOX-791 - which tries to address the escaping issues have caused some issues in some cases where we need to decode  "&amp;" to "&" like in output rewrites of query parameters

An improvement  proposal to introduce a rule decode attribute to set decoding behavior. 
Default is no decoding. 
This allows to turn this “on” for a specific rule.

Before KNOX-791 "&amp;" used to be decoded to "&" during html parsing.

The issue is that in OUT rewrite rule we will not able to match the query string.

Example:

given html
<a href=http://foo:99/test/&amp;q=bar”>test</a>

rule:
<rule dir="OUT" name="test"   pattern="("{scheme}://{host}:{port}/test/?{*}">
     <rewrite template="("http://newtest/test/?{*}?{scheme}?{host}?{port}"/>
 </rule>

This rule above will not work since the “&amp; “ will not be matched.

The proposed change is:
<rule dir="OUT" name="test" decode="true"  pattern="("{scheme}://{host}:{port}/test/?{*}">
     <rewrite template="("http://newtest/test/?{*}?{scheme}?{host}?{port}"/>
 </rule>

This will overwrite the default behavior and decode the the &amp;

The following test illustrates the issue of what we would like
to solve.

@Test
  public void testAmpRewrite() throws Exception {
    URI goodUri, badUri, outputUri;
    Matcher<Void> matcher;
    Matcher<Void>.Match match;
    Template input, pattern, template;
    badUri = new URI(
        "http://foo:99/test/&amp;q=bar"); // we should be able to match
    goodUri = new URI(
        "http://foo:99/test/?q=bar");

    input = Parser.parseLiteral(goodUri.toString());
    pattern = Parser.parseTemplate("{scheme}://{host}:{port}/test/?{*}");
    template = Parser.parseTemplate("http://newtest/test/?{*}?{scheme}?{host}?{port}");

    // Match query string
    String expectedUri = "http://newtest/test/?scheme=http&host=foo&port=99&q=bar";
    matcher = new Matcher<Void>();
    matcher.add(pattern, null);
    match = matcher.match(input);
    assertNotNull( match );
    outputUri = Expander.expand(template, match.getParams(), null);
    assertEquals("Not matched", expectedUri, outputUri.toString());

    // no match of query string ?
    input = Parser.parseLiteral(badUri.toString()); 
    match = matcher.match(input);
    assertNull( match);
  }









--
This message was sent by Atlassian JIRA
(v6.3.15#6346)