Mantis Bugtracker
  

Viewing Issue Advanced Details Jump to Notes ] View Simple ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0005382 [Resin] minor always 02-26-13 13:53 09-11-14 11:15
Reporter alex View Status public  
Assigned To ferg
Priority normal Resolution fixed Platform
Status closed   OS
Projection none   OS Version
ETA none Fixed in Version 4.0.41 Product Version 4.0.35
  Product Build
Summary 0005382: web-tier / app-tier url encoding / decoding fidelity
Description actual request: 'a %20 x % ( ) &.html'

direct request\
curl 'http://localhost:8082/qa/a%20%2520%20x%20%25%20(%20)%20%26.html' [^]
server: app-0
request-uri : /qa/a%20%2520%20x%20%25%20(%20)%20%26.html
request-url : http://localhost:8082/qa/a%20%2520%20x%20%25%20(%20)%20%26.html [^]
servlet-path:
path-info : /a %20 x % ( ) &.html

\direct request

lb-request\
curl 'http://localhost:9080/qa/a%20%2520%20x%20%25%20(%20)%20%26.html' [^]
server: app-0
request-uri : /qa/a%20%20%20x%20%%20(%20)%20&.html
request-url : http://localhost:9080/qa/a%20%20%20x%20%%20(%20)%20&.html [^]
servlet-path:
path-info : /a x &65533;) &.html

\lb-request

base64 decode from the additional information string to get the actual data if Mantis breaks my submit.

Steps To Reproduce
Additional Information c2VydmVyOiAgICAgICBhcHAtMApyZXF1ZXN0LXVyaSA6IC9xYS9hJTIwJTI1MjAlMjB4JTIwJTI1JTIwKCUyMCklMjAlMjYuaHRtbApyZXF1ZXN0LXVybCA6IGh0dHA6Ly9sb2NhbGhvc3Q6ODA4Mi9xYS9hJTIwJTI1MjAlMjB4JTIwJTI1JTIwKCUyMCklMjAlMjYuaHRtbApzZXJ2bGV0LXBhdGg6IApwYXRoLWluZm8gICA6IC9hICUyMCB4ICUgKCApICYuaHRtbAoKc2VydmVyOiAgICAgICBhcHAtMApyZXF1ZXN0LXVyaSA6IC9xYS9hJTIwJTIwJTIweCUyMCUlMjAoJTIwKSUyMCYuaHRtbApyZXF1ZXN0LXVybCA6IGh0dHA6Ly9sb2NhbGhvc3Q6OTA4MC9xYS9hJTIwJTIwJTIweCUyMCUlMjAoJTIwKSUyMCYuaHRtbApzZXJ2bGV0LXBhdGg6IApwYXRoLWluZm8gICA6IC9hICAgeCDvv70pICYuaHRtbAoK
Attached Files

- Relationships

- Notes
(0006200)
alex
02-26-13 13:53

Original suport request:
rep by Andrew Foong
currently resin 4.0.35 url encoding works.

when I curl the following urls:
1. http://stage3.efinancedirectory.com/articles/Housing_Bubble_Analysis%3A_Interview_with_Global_Economic_Trend_Analysis_(Mish).html [^]
2. http://stage3.efinancedirectory.com/articles/Housing_Bubble_Analysis%3A_Interview_with_Global_Economic_Trend_Analysis_%28Mish%29.html [^]
3. http://stage3.efinancedirectory.com/articles/Housing_Bubble_Analysis%3A_Interview_with_Global_Economic_Trend_Analysis_(Mish%29.html [^]

which results in completely decoded output when the request makes it from the load-balancer to the app-tier:

[13-02-26 12:05:09.555] {resin-port-localhost:6802-453} 64.71.26.18 1313ms http://stage3.efinancedirectory.com/articles/Housing_Bubble_Analysis:_Interview_with_Global_Economic_Trend_Analysis_(Mish).html [^]


Spaces however do not have the same output on the app-tier (probably because spaces are required to be encoded as %20)

curling this:
1. http://stage3.education-portal.com/article_directory/q_p/page/A%20-%20C/q_p/Articles_about_Career_Planning.html [^]

results in:

[13-02-26 12:06:02.679] {resin-port-localhost:6802-1766} 64.71.26.18 1549ms http://stage3.education-portal.com/article_directory/q_p/page/A%20-%20C/q_p/Articles_about_Career_Planning.html [^]

%'s are like spaces, but we would expect them to not be..

hitting this:
http://stage3.efinancedirectory.com/articles/study_says_63%_of_u.s._housing_markets_are_overvalued.html [^]

results in:
[13-02-26 12:07:41.788] {resin-port-localhost:6802-1935} 64.71.26.18 168ms http://stage3.efinancedirectory.com/articles/study_says_63ưu.s._housing_markets_are_overvalued.html [^]

hitting this:
http://stage3.efinancedirectory.com/articles/study_says_63%25_of_u.s._housing_markets_are_overvalued.html [^]

results in an error on our side we receive the uri as: "http://stage3.efinancedirectory.com/articles/study_says_63%_of_u.s._housing_markets_are_overvalued.html" [^]

our question is this:

how did a valid url in the browser, go through the load balancer, to the app-tier and end up as an invalid uri?
 
(0006515)
ferg
09-11-14 11:15

Same issue as 0005785.
 

- Issue History
Date Modified Username Field Change
02-26-13 13:53 alex New Issue
02-26-13 13:53 alex Note Added: 0006200
09-11-14 11:15 ferg Note Added: 0006515
09-11-14 11:15 ferg Assigned To  => ferg
09-11-14 11:15 ferg Status new => closed
09-11-14 11:15 ferg Resolution open => fixed
09-11-14 11:15 ferg Fixed in Version  => 4.0.41


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
33 total queries executed.
29 unique queries executed.
Powered by Mantis Bugtracker