Issue #1229
closed
Json config file values must be url encoded
Description
It was reported that when pulp is configured through katello-installer and user specifies a value for proxy-user or proxy-password parameter, it's propagated to
/etc/pulp/server/plugins.conf.d/yum_importer.json (and other similar files) without being url encoded. I suspect that the need of using url encoded values is actually a pulp issue, wherever the json is used, pulp should encode it according to context. An example of failing value is "passw?rd" which needs to be converted to "passw%24rd". While we could likely make katello-installer encode the value in this file, if you later change this, it would break again.
For additional information, see https://bugzilla.redhat.com/show_bug.cgi?id=1180637. Just note that it combines actually two issues (shell escaping or installer arguments is separate issue).
Updated by mhrivnak over 7 years ago
- Platform Release set to 2.7.1
- Triaged changed from No to Yes
- Tags Easy Fix added
We should ensure that whatever code uses the username and password is doing the url encoding.
Updated by ipanova@redhat.com about 7 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to ipanova@redhat.com
Added by ipanova@redhat.com about 7 years ago
Updated by ipanova@redhat.com about 7 years ago
- Project changed from Pulp to Nectar
- Status changed from ASSIGNED to POST
- Version - Nectar set to 1.3.1
- Target Release - Nectar set to master
Updated by ipanova@redhat.com about 7 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset ad446ce275293ddace1bdd47ecbda3aa22b2541b.
Updated by rbarlow almost 7 years ago
- Target Release - Nectar changed from master to 1.4.4
Updated by rbarlow almost 7 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
1229-Json config file values must be url encoded.
closes #1229 https://pulp.plan.io/issues/1229