[jira] [Updated] (KNOX-1185) Routes and rewrite rules cannot distinguish resources from directories

Wed, 14 Feb 2018 05:41:13 -0800 

     [ 
https://issues.apache.org/jira/browse/KNOX-1185?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kevin Minder updated KNOX-1185:
-------------------------------
    Description: 
There is ambiguity for how URL patterns for resources (i.e. no trailing slash) 
and directories (i.e. trailing slash) are handled.  The first pattern added to 
a matcher will always take precedence and the second will be ignored.  For 
example consider the patterns "/oozie" and "/oozie/".  Both of these patterns 
will match "/oozie" and "/oozie/" making unique processing for each impossible. 
 

Fixing this issue may prove disruptive as a large number of service route and 
rewrite rules may inadvertently be taking advantage of this ambiguity.

I have created this test below which can be added to 
org/apache/knox/gateway/util/urltemplate/MatcherTest.java to illustrate the 
issue.  Note the commented out assertions annotated with the FIX.
{code:java}
@Test
public void testTrailingSlashMatching_Knox1185() throws URISyntaxException {
  Matcher<String> matcher;
  Template template;

  matcher = new Matcher<String>();
  matcher.add( Parser.parseTemplate( "/oozie" ), "file" );
  assertValidMatch( matcher, "/oozie", "file" );
  assertValidMatch( matcher, "/oozie/", "file" );

  matcher = new Matcher<String>();
  matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" );
  assertValidMatch( matcher, "/oozie", "dir" );
  assertValidMatch( matcher, "/oozie/", "dir" );

  matcher = new Matcher<String>();
  matcher.add( Parser.parseTemplate( "/oozie" ), "file" );
  matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" );
  matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
  assertValidMatch( matcher, "/oozie", "file" );
  //FIX assertValidMatch( matcher, "/oozie/", "dir" ); // Actual=file
  assertValidMatch( matcher, "/oozie/path", "path" );

  // Reverse the put order.
  matcher = new Matcher<String>();
  matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
  matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" );
  matcher.add( Parser.parseTemplate( "/oozie" ), "file" );
  //FIX assertValidMatch( matcher, "/oozie", "file" ); // Actual=dir
  assertValidMatch( matcher, "/oozie/", "dir" );
  assertValidMatch( matcher, "/oozie/path", "path" );

  matcher = new Matcher<String>();
  matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
  matcher.add( Parser.parseTemplate( "/oozie/**/" ), "dir" );
  assertValidMatch( matcher, "/oozie/path", "path" );
  //FIX assertValidMatch( matcher, "/oozie/path/", "dir" ); // Actual=path

  matcher = new Matcher<String>();
  matcher.add( Parser.parseTemplate( "/oozie/**/" ), "dir" );
  matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
  //FIX assertValidMatch( matcher, "/oozie/path", "path" ); // Actual=dir
  assertValidMatch( matcher, "/oozie/path/", "dir" );
}
{code}

  was:
There is ambiguity for how URL patterns for resources (i.e. no trailing slash) 
and directories (i.e. trailing slash) are handled.  The first pattern added to 
a matcher will always take precedence and the second will be ignored.  For 
example consider the patterns "/oozie" and "/oozie/".  Both of these patterns 
will match "/oozie" and "/oozie/" making unique processing for each impossible. 
 

Fixing this issue may prove disruptive as a large number of service route and 
rewrite rules may inadvertently be taking advantage of this ambiguity.

I have created this test below which can be added to 
org/apache/knox/gateway/util/urltemplate/MatcherTest.java to illustrate the 
issue.
{code:java}
@Test public void testTrailingSlashMatching_Knox1185() throws 
URISyntaxException { Matcher<String> matcher; Template template; matcher = new 
Matcher<String>(); matcher.add( Parser.parseTemplate( "/oozie" ), "file" ); 
assertValidMatch( matcher, "/oozie", "file" ); assertValidMatch( matcher, 
"/oozie/", "file" ); matcher = new Matcher<String>(); matcher.add( 
Parser.parseTemplate( "/oozie/" ), "dir" ); assertValidMatch( matcher, 
"/oozie", "dir" ); assertValidMatch( matcher, "/oozie/", "dir" ); matcher = new 
Matcher<String>(); matcher.add( Parser.parseTemplate( "/oozie" ), "file" ); 
matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" ); matcher.add( 
Parser.parseTemplate( "/oozie/**" ), "path" ); assertValidMatch( matcher, 
"/oozie", "file" ); //FIX assertValidMatch( matcher, "/oozie/", "dir" ); // 
Actual=file assertValidMatch( matcher, "/oozie/path", "path" ); // Reverse the 
put order. matcher = new Matcher<String>(); matcher.add( Parser.parseTemplate( 
"/oozie/**" ), "path" ); matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" 
); matcher.add( Parser.parseTemplate( "/oozie" ), "file" ); //FIX 
assertValidMatch( matcher, "/oozie", "file" ); // Actual=dir assertValidMatch( 
matcher, "/oozie/", "dir" ); assertValidMatch( matcher, "/oozie/path", "path" 
); matcher = new Matcher<String>(); matcher.add( Parser.parseTemplate( 
"/oozie/**" ), "path" ); matcher.add( Parser.parseTemplate( "/oozie/**/" ), 
"dir" ); assertValidMatch( matcher, "/oozie/path", "path" ); //FIX 
assertValidMatch( matcher, "/oozie/path/", "dir" ); // Actual=path matcher = 
new Matcher<String>(); matcher.add( Parser.parseTemplate( "/oozie/**/" ), "dir" 
); matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" ); //FIX 
assertValidMatch( matcher, "/oozie/path", "path" ); // Actual=dir 
assertValidMatch( matcher, "/oozie/path/", "dir" ); } {code}


> Routes and rewrite rules cannot distinguish resources from directories
> ----------------------------------------------------------------------
>
>                 Key: KNOX-1185
>                 URL: https://issues.apache.org/jira/browse/KNOX-1185
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 0.14.0
>            Reporter: Kevin Minder
>            Priority: Major
>
> There is ambiguity for how URL patterns for resources (i.e. no trailing 
> slash) and directories (i.e. trailing slash) are handled.  The first pattern 
> added to a matcher will always take precedence and the second will be 
> ignored.  For example consider the patterns "/oozie" and "/oozie/".  Both of 
> these patterns will match "/oozie" and "/oozie/" making unique processing for 
> each impossible.  
> Fixing this issue may prove disruptive as a large number of service route and 
> rewrite rules may inadvertently be taking advantage of this ambiguity.
> I have created this test below which can be added to 
> org/apache/knox/gateway/util/urltemplate/MatcherTest.java to illustrate the 
> issue.  Note the commented out assertions annotated with the FIX.
> {code:java}
> @Test
> public void testTrailingSlashMatching_Knox1185() throws URISyntaxException {
>   Matcher<String> matcher;
>   Template template;
>   matcher = new Matcher<String>();
>   matcher.add( Parser.parseTemplate( "/oozie" ), "file" );
>   assertValidMatch( matcher, "/oozie", "file" );
>   assertValidMatch( matcher, "/oozie/", "file" );
>   matcher = new Matcher<String>();
>   matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" );
>   assertValidMatch( matcher, "/oozie", "dir" );
>   assertValidMatch( matcher, "/oozie/", "dir" );
>   matcher = new Matcher<String>();
>   matcher.add( Parser.parseTemplate( "/oozie" ), "file" );
>   matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" );
>   matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
>   assertValidMatch( matcher, "/oozie", "file" );
>   //FIX assertValidMatch( matcher, "/oozie/", "dir" ); // Actual=file
>   assertValidMatch( matcher, "/oozie/path", "path" );
>   // Reverse the put order.
>   matcher = new Matcher<String>();
>   matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
>   matcher.add( Parser.parseTemplate( "/oozie/" ), "dir" );
>   matcher.add( Parser.parseTemplate( "/oozie" ), "file" );
>   //FIX assertValidMatch( matcher, "/oozie", "file" ); // Actual=dir
>   assertValidMatch( matcher, "/oozie/", "dir" );
>   assertValidMatch( matcher, "/oozie/path", "path" );
>   matcher = new Matcher<String>();
>   matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
>   matcher.add( Parser.parseTemplate( "/oozie/**/" ), "dir" );
>   assertValidMatch( matcher, "/oozie/path", "path" );
>   //FIX assertValidMatch( matcher, "/oozie/path/", "dir" ); // Actual=path
>   matcher = new Matcher<String>();
>   matcher.add( Parser.parseTemplate( "/oozie/**/" ), "dir" );
>   matcher.add( Parser.parseTemplate( "/oozie/**" ), "path" );
>   //FIX assertValidMatch( matcher, "/oozie/path", "path" ); // Actual=dir
>   assertValidMatch( matcher, "/oozie/path/", "dir" );
> }
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to