Fix url encoded credentials in netloc #82552
Merged
Commits on Jan 17, 2024
-
Fix url encoded credentials in netloc
Prior to this commit, it was impossible to use a module like dnf with a URL that contains a username with an @ such as an email address username, because: dnf: name: https://foo@example.com:bar@example.com/some.rpm Would cause netloc parsing to fail. However, the following: dnf: name: https://foo%40example.com:bar@example.com/some.rpm Would also fail because ansible would *not* URL-decode the credentials, causing the following to be base64 encoded in the Authorization header: Zm9vJTQwZXhhbXBsZS5jb206YmFyCg== Which decodes to: foo%40example.com:foo Which is *not* the authorized username, and as such, *won't* pass basic auth. With this commit, Ansible's url lib behaves like curl, chromium, wget, etc, and encodes the above to: Zm9vQGV4YW1wbGUuY29tOmJhcgo= Which decodes to: foo@example.com:bar Which will actually pass the HTTP Basic Auth, and is the same behaviour that you will find ie. with: curl -vvI https://foo%40bar:test@example.com 2>&1 |grep Auth | awk '{ print $4 }'
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.