https://bz.apache.org/bugzilla/show_bug.cgi?id=64267
Felix Schumacher <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO --- Comment #12 from Felix Schumacher <[email protected]> --- (In reply to Peter Lynch from comment #11) > Thanks for trying to fix this. > > I tried latest snapshot with the test case attached to this bug report. > > Initially it didn't work - looks like this was the logged cause: > > 2020-05-10 08:13:49,560 DEBUG o.a.j.p.h.s.HTTPHC4Impl: Invalid URL http in > authManager > > I have "http" as the Base URL in HTTP Authorization Manager - which I > believe is a valid value according to the HTTP Authorization manager docs, > but the patched code rejects it: > > https://github.com/apache/jmeter/commit/ > 740a2066b01f5a0ad6633bb9b617022918d37d65#diff- > 98b4f752302231261a91b5c0ee96ea9dR264 > > Once I changed the Base URL value in the HTTP Authorization Manager to a > parseable URL object (https://httpbin.org) , then the test case passes. > > So while the specific problem seems to have been improved - I am concerned > the new patch makes the incorrect assumption that the Authorization.getURL() > method returns a proper URL in all cases. This would change the semantics > used to match Base URL for Auth documented for the the HTTP Authorization > Manager. > > https://jmeter.apache.org/usermanual/component_reference. > html#HTTP_Authorization_Manager > > states "Base URL" contains "A partial or complete URL". I always understood the documentation to mean a valid URL, that is shortened on the path and not necessarily on the host name, but I get your point. > > So it seems the patch would need to use similar startsWith matching logic as > in > https://github.com/apache/jmeter/blob/ > b6d11d79d905d0c099732bb928d2372fd1388981/src/protocol/http/src/main/java/org/ > apache/jmeter/protocol/http/control/AuthManager.java#L265 > > I did not perform any other auth related tests given he above noted issue. startsWith is not easily usable, as httpclient is not giving us information about the used protocol. We could guess it and try all combinations (http and https), or try to get the hostname and the port from the URL by means of guessing. Both approaches have their weaknesses. Which one would you prefer? -- You are receiving this mail because: You are the assignee for the bug.
