Project

Profile

Help

Issue #7003

pulpcore-content allows for // in some parts of the URL but not others

Added by dkliban@redhat.com 14 days ago. Updated 2 days ago.

Status:
NEW
Priority:
Normal
Assignee:
-
Category:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:

Description

A request for /pulp/content/centos8/AppStream//repodata/repomd.xml returns 404. A request for /pulp/content/centos8/AppStream/repodata/repomd.xml returns 200.

A request for /pulp/content/centos8//repodata/repomd.xml returns 200. A request for /pulp/content/centos8/repodata/repomd.xml returns 200.

It seems like pulpcore-content ignores extra / if it appears after the base_path of a distribution, but not anywhere else in the URL.

I expect the behavior to be consistent no matter where the extra / appears.

History

#1 Updated by dkliban@redhat.com 6 days ago

We discussed this issue during open floor and determined that the best solution would be for nginx and apache reverse proxies to normalize the path before passing the request on to pulpcore-content. This implies that pulpcore-content can never expect to receive requests that contain "//" in the URL. To eliminate any confusion for users, the REST APIs handling creation/modification of Distribution resources need to validate that the base_path does not contain "//". We also need to provide documentation for both users and plugin writers that states that "//" is not valid in the base_path. I will open sub-tasks to improve pulp_installer's configs for nginx and apache to perform the path normalization, to improve validation on Distribution APIs, and to improve documentation for users and plugin writers.

#2 Updated by fao89 2 days ago

  • Triaged changed from No to Yes

Please register to edit this issue

Also available in: Atom PDF