Issue #8816
closed
Syncing a repo with sles_auth_token set on the remote, may try to download kickstart files incorrectly
Description
If you try to sync: http://distro.ibiblio.org/centos/7.9.2009/os/x86_64/
with the sles_auth_token set to: foo=bar (or any param/value). The Sync will fail with:
403, message='Forbidden', url=URL('http://distro.ibiblio.org/centos/7.9.2009/os/x86_64/LiveOS/squashfs.img/?foo=bar')
Notice that an extra slash is added to the url, it likely should be: http://distro.ibiblio.org/centos/7.9.2009/os/x86_64/LiveOS/squashfs.img?foo=bar
Note that this repo is not actually a SLES repo, and this was discovered accidentally due to katello's aggressive nature of using the sles_auth_token for all get params on a repo, but this will also be tackled (https://projects.theforeman.org/issues/32660)
Updated by dalley almost 3 years ago
@Justin, is this an issue that impacts all SLES repos, or an issue that occurs because this option was used on a non-SLES repo?
Updated by jsherril@redhat.com almost 3 years ago
its mostly because it was used on a non-sles repo, but i suspect it could happen on a sles repo if it includes kickstart files. It may return a 404 instead of a 403 depending on the webserver in use
Updated by dalley almost 3 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to dalley
Updated by dalley almost 3 years ago
This turned out to be a really simple issue so I just went ahead and fixed it.
Updated by pulpbot almost 3 years ago
- Status changed from ASSIGNED to POST
Added by dalley almost 3 years ago
Updated by dalley almost 3 years ago
- Status changed from POST to MODIFIED
Applied in changeset 82e9ac49f290c45cd886961f65d5dda2e046b208.
Updated by pulpbot almost 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
Don't add a trailing slash any time that sles_auth_token is present
closes: #8816 https://pulp.plan.io/issues/8816