pulpcore-content allows for // in some parts of the URL but not others
A request for /pulp/content/centos8/AppStream//repodata/repomd.xml returns 404. A request for /pulp/content/centos8/AppStream/repodata/repomd.xml returns 200.
A request for /pulp/content/centos8//repodata/repomd.xml returns 200. A request for /pulp/content/centos8/repodata/repomd.xml returns 200.
It seems like pulpcore-content ignores extra / if it appears after the base_path of a distribution, but not anywhere else in the URL.
I expect the behavior to be consistent no matter where the extra / appears.
#1 Updated by email@example.com about 1 year ago
We discussed this issue during open floor and determined that the best solution would be for nginx and apache reverse proxies to normalize the path before passing the request on to pulpcore-content. This implies that pulpcore-content can never expect to receive requests that contain "//" in the URL. To eliminate any confusion for users, the REST APIs handling creation/modification of Distribution resources need to validate that the base_path does not contain "//". We also need to provide documentation for both users and plugin writers that states that "//" is not valid in the base_path. I will open sub-tasks to improve pulp_installer's configs for nginx and apache to perform the path normalization, to improve validation on Distribution APIs, and to improve documentation for users and plugin writers.
Please register to edit this issue