[
https://issues.apache.org/jira/browse/CAMEL-4954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13198853#comment-13198853
]
Hadrian Zbarcea commented on CAMEL-4954:
----------------------------------------
Thanks a lot for reporting this and especially for providing a unit test. That
is a problem I will fix today. In general however, the aim is to get rid of the
normalizeEndpointUri. It is used because the uri design for some components
allows the creation of invalid URIs that cannot be passed, so using it was a
workaround in the first place (from almost the very beginning). The endpoint
creation is quite convoluted and is due for some refactoring anyway, but I
thought it could wait until 3.0.
The goal for 3.0 is to ensure that all components only accept valid URIs, so
it's the responsibility of the user to encode whatever needs encoding, as it
the case with any other technology the uses URIs. There is a new method a
component can override now, preProcessUri(String) that would convert (and log)
the original invalid Uri into a valid one, which could be used instead of the
original one. This should also help with migration.
On a side note, using clear passwords in the uri is not the most secure thing
to do. You may want to take a look at camel-jasypt. It may provide a different,
safer, workaround.
> Camel 2.9.0 incapable of working with % in endpoint URIs
> --------------------------------------------------------
>
> Key: CAMEL-4954
> URL: https://issues.apache.org/jira/browse/CAMEL-4954
> Project: Camel
> Issue Type: Bug
> Components: camel-core
> Affects Versions: 2.9.0
> Environment: Mac 10.7 Java 1.6.0_29
> Reporter: Sebastian Rühl
> Assignee: Hadrian Zbarcea
> Priority: Critical
> Fix For: 2.9.1, 2.10.0
>
> Attachments: PercentTest.java
>
>
> In the class org.apache.camel.util.URISupport which will be used to resolve
> endpoints (DefaultCamelContext#normalizeEndpointUri) the method
> parseParameters will be called.
> At first the java.net.Uri#getQuery will be called with according to the
> javadoc "Returns the decoded query component of this URI" returns a decoded
> URI. If that fails the java.net.Uri#getSchemeSpecificPart method will be
> called which according to the javadoc "Returns the decoded scheme-specific
> part of this URI." returns a decoded URI.
> So to summarize we get in any case a decoded URI.
> This URI will then be than in the method
> org.apache.camel.util.URISupport#parseQuery(String) again decoded with
> java.net.URLDecoder#decode(String,String).
> This code leads to the following behaviour:
> If a % is properly encoded with %25test the %25test will be substituted by
> the first call to %test and the decoded again which leads to an Exception.
> In the http://svn.apache.org/viewvc?view=revision&revision=1166508 commit you
> can see that the % was uncommented from
> org.apache.camel.util#UnsafeUriCharactersEncoder. Maybe this is related.
> However... Double encoding of URIs seems quite odd. With any URI char there
> is no issue with that. But with % the % will be decoded again, which makes a
> % unusable in Camel.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
