Project

Profile

Help

Issue #8670

URL escaping in yarl alters escaped characters

Added by dannysauer 13 days ago. Updated 11 days ago.

Status:
POST
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Master
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Sprint 96
Quarter:

Description

After signing the URL when using the S3 backend (or presumably Azure), the call to generate the HTTP redirect re-parses the URL returned, sometimes resulting in characters being encoded as HTML entities or previously-encoded entities being decoded. While S3 is ok with ignoring an altered query string, CloudFront expects the entire URL to match what was signed exactly. This wasn't an issue before I patched django-storages to actually include the parameters passed in to the artifact_file.storage.url() call, but once that patch was applied, query strings were sent back with the URL for content-disposition.

It appears that providing a Yarl URL object to the raise HTTPFound() prevents re-parsing, resulting in the query string being left alone. If the object is created using URL() with encoded=True, that bypasses the reparsing in Yarl, and everyone's much happier. It's also verified to not break regular S3 operation.

History

#1 Updated by pulpbot 13 days ago

  • Status changed from NEW to POST

#2 Updated by fao89 12 days ago

  • Triaged changed from No to Yes
  • Sprint set to Sprint 95

#3 Updated by rchan 12 days ago

  • Sprint changed from Sprint 95 to Sprint 96

Please register to edit this issue

Also available in: Atom PDF