almazgalievisl opened a new issue, #262: URL: https://github.com/apache/polaris/issues/262
### Is this a possible security vulnerability? - [X] This is NOT a possible security vulnerability ### Describe the bug Underscores is a valid symbol in the bucket name, [the doc ](https://cloud.google.com/storage/docs/buckets#naming) > Bucket names can only contain lowercase letters, numeric characters, dashes (-), underscores (_), and dots (.). Spaces are not allowed. Names containing dots require [verification](https://cloud.google.com/storage/docs/domain-name-verification). The current approach uses `java.net.URI`, which is not allowing to have underscores in the host name of URI. It leads to wrongly requested access boundaries, because the bucket name is being set as `null`. ### To Reproduce ``` | Welcome to JShell -- Version 11.0.22 | For an introduction type: /help intro jshell> String location = "gs://test_bucket/iceberg/data" location ==> "gs://test_bucket/iceberg/data" jshell> URI uri = uri.create(location); uri ==> gs://test_bucket/iceberg/data jshell> uri.getHost() $3 ==> null ``` ### Actual Behavior The bucket name is set as `null` ### Expected Behavior The bucket name is set as `test_bucket` ### Additional context I guess this [class](https://cloud.google.com/java/docs/reference/google-cloud-storage/latest/com.google.cloud.storage.BlobId#com_google_cloud_storage_BlobId_fromGsUtilUri_java_lang_String_) from `com.google.cloud.storage` can be used instead ``` import com.google.cloud.storage.BlobId; ... BlobId blob = BlobId.fromGsUtilUri(location); String bucket = blob.getBucket(); String path = blob.getName(); ... ``` ### System information Object storage: GCS -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
