[
https://issues.apache.org/jira/browse/ARTEMIS-3388?focusedWorklogId=623996&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-623996
]
ASF GitHub Bot logged work on ARTEMIS-3388:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 17/Jul/21 05:22
Start Date: 17/Jul/21 05:22
Worklog Time Spent: 10m
Work Description: brusdev commented on a change in pull request #3657:
URL: https://github.com/apache/activemq-artemis/pull/3657#discussion_r671614294
##########
File path:
artemis-commons/src/test/java/org/apache/activemq/artemis/utils/URIParserTest.java
##########
@@ -58,9 +58,9 @@ public void testSchemaFruit() throws Throwable {
public void testGenerateWithEncoding() throws Throwable {
FruitParser parser = new FruitParser();
Fruit myFruit = new Fruit("tomato&fruit");
- myFruit.setHost("somehost&uui");
Review comment:
can we check both `&` and `%26` ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 623996)
Time Spent: 20m (was: 10m)
> URI query values decoded twice
> ------------------------------
>
> Key: ARTEMIS-3388
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3388
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Affects Versions: 2.17.0
> Reporter: Aaron Steigerwald
> Priority: Minor
> Time Spent: 20m
> Remaining Estimate: 0h
>
> An encoded acceptor password like
> keyStorePassword=ENC(ql6LSJ%2BYMxGN1yn1r/F0yw==) is changed to ENC(ql6LSJ
> YMxGN1yn1r/F0yw==) prior to being passed to the SensitiveDataCodec.decode
> method. This causes exceptions like "java.lang.IllegalArgumentException:
> Illegal base64 character 20" if the SensitiveDataCodec implementation is
> expecting Base64 characters because a space is not a valid Base64 character .
> This appears to be happening because the string is URL decoded twice. The
> first time is implicit in the
> org.apache.activemq.artemis.utils.uri.URISchema.newObject method. It calls
> uri.getQuery(), which according to
> [https://docs.oracle.com/javase/8/docs/api/java/net/URI.html] "The
> getUserInfo, getPath, getQuery, getFragment, getAuthority, and
> getSchemeSpecificPart methods +decode+ any escaped octets in their
> corresponding components. The strings returned by these methods may contain
> both other characters and illegal characters, and will not contain any
> escaped octets." The second time is explicit in the
> org.apache.activemq.artemis.utils.uri.BeanSupport.decodeURI method. It calls
> URLDecoder.decode(value, "UTF-8").
> The workaround is to replace all spaces with plus + characters in the custom
> SensitiveDataCodec.decode method. This is safe because the method is
> expecting only valid Base64 characters and the space character will only
> exist if it's been converted from a plus + character.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
