[knox] branch master updated: KNOX-2841 Oozie "root" rewrite rule's pattern is too open (#718)

more Wed, 25 Jan 2023 03:17:19 -0800

This is an automated email from the ASF dual-hosted git repository.

more pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git



The following commit(s) were added to refs/heads/master by this push:
     new dfde5c741 KNOX-2841 Oozie "root" rewrite rule's pattern is too open 
(#718)
dfde5c741 is described below

commit dfde5c7417cfd111478df30c29f556fd31a2a7d8
Author: Denes Bodo <[email protected]>
AuthorDate: Wed Jan 25 12:17:07 2023 +0100

    KNOX-2841 Oozie "root" rewrite rule's pattern is too open (#718)
    
    * KNOX-2675 Oozie Console URL on the web UI should be a Knox URL
    
    * KNOX-2841 Oozie "root" rewrite rule's pattern is too open
---
 .../resources/services/oozie/5.0.0/rewrite.xml     | 27 +++++++++++++++++-----
 .../resources/services/oozie/5.0.0/service.xml     | 13 +++++++++--
 2 files changed, 32 insertions(+), 8 deletions(-)

diff --git 
a/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/rewrite.xml
 
b/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/rewrite.xml
index 1ff71daa2..04e274aa2 100644
--- 
a/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/rewrite.xml
+++ 
b/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/rewrite.xml
@@ -16,16 +16,31 @@
 -->
 <rules>
 
-    <rule dir="IN" name="OOZIE/oozie/root" 
pattern="http*://*:*/**/oozie/{**}?{**}">
-        <rewrite template="{$serviceUrl[OOZIE]}/{**}?{**}"/>
+    <rule dir="IN" name="OOZIE/oozie/root" flow="OR">
+        <match pattern="http://*:*/**/oozie/{**}?{**}";>
+            <rewrite template="{$serviceUrl[OOZIE]}/{**}?{**}"/>
+        </match>
+        <match pattern="https://*:*/**/oozie/{**}?{**}";>
+            <rewrite template="{$serviceUrl[OOZIE]}/{**}?{**}"/>
+        </match>
     </rule>
 
-    <rule dir="IN" name="OOZIE/oozie/v1" 
pattern="*://*:*/**/oozie/v1/{**}?{**}">
-        <rewrite template="{$serviceUrl[OOZIE]}/v1/{**}?{**}"/>
+    <rule dir="IN" name="OOZIE/oozie/v1" flow="OR">
+        <match pattern="http://*:*/**/oozie/v1/{**}?{**}";>
+            <rewrite template="{$serviceUrl[OOZIE]}/v1/{**}?{**}"/>
+        </match>
+        <match pattern="https://*:*/**/oozie/v1/{**}?{**}";>
+            <rewrite template="{$serviceUrl[OOZIE]}/v1/{**}?{**}"/>
+        </match>
     </rule>
 
-    <rule dir="IN" name="OOZIE/oozie/v2" 
pattern="*://*:*/**/oozie/v2/{**}?{**}">
-        <rewrite template="{$serviceUrl[OOZIE]}/v2/{**}?{**}"/>
+    <rule dir="IN" name="OOZIE/oozie/v2" flow="OR">
+        <match pattern="http://*:*/**/oozie/v2/{**}?{**}";>
+            <rewrite template="{$serviceUrl[OOZIE]}/v2/{**}?{**}"/>
+        </match>
+        <match pattern="https://*:*/**/oozie/v2/{**}?{**}";>
+            <rewrite template="{$serviceUrl[OOZIE]}/v2/{**}?{**}"/>
+        </match>
     </rule>
 
     <rule name="OOZIE/oozie/user-name">
diff --git 
a/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/service.xml
 
b/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/service.xml
index 0402facbd..e43d2ad6f 100644
--- 
a/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/service.xml
+++ 
b/gateway-service-definitions/src/main/resources/services/oozie/5.0.0/service.xml
@@ -39,14 +39,23 @@
         </samples>
     </metadata>
     <routes>
-        <route path="/oozie/**?**">
-            <rewrite apply="OOZIE/oozie/configuration" to="request.body"/>
+        <route path="/oozie/">
+            <rewrite apply="OOZIE/oozie/root" to="request.url"/>
+        </route>
+        <route path="/oozie/**">
+            <rewrite apply="OOZIE/oozie/root" to="request.url"/>
         </route>
         <route path="/oozie/v1/**?**">
             <rewrite apply="OOZIE/oozie/configuration" to="request.body"/>
+            <rewrite apply="OOZIE/oozie/v1" to="request.url"/>
         </route>
         <route path="/oozie/v2/**?**">
             <rewrite apply="OOZIE/oozie/configuration" to="request.body"/>
+            <rewrite apply="OOZIE/oozie/v2" to="request.url"/>
+        </route>
+        <route path="/oozie/**?**">
+            <rewrite apply="OOZIE/oozie/configuration" to="request.body"/>
+            <rewrite apply="OOZIE/oozie/root" to="request.url"/>
         </route>
     </routes>
     <testURLs>

[knox] branch master updated: KNOX-2841 Oozie "root" rewrite rule's pattern is too open (#718)

Reply via email to