cli: passwords with special characters cannot be passed in URL #35998
Labels
A-authentication
Pertains to authn subsystems
A-cc-enablement
Pertains to current CC production issues or short-term projects
A-cli-client
CLI commands that pertain to using SQL features
A-cli-flags
Pertains to CLI flag handling common to all CLI commands
C-bug
Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior.
docs-done
docs-known-limitation
S-3-ux-surprise
Issue leaves users wondering whether CRDB is behaving properly. Likely to hurt reputation/adoption.
Projects
Describe the problem
@vilterp @mberhault @nstewart
The managed console has a model that shows a
cockroach
command that lets the user connect securely to their cluster. Here is an example command, with a fake password:If your password has special characters in it (e.g. ">"), the cmd fails. I used a password manager to generate my password, and so it had five or so different special characters in it. The error message looks like this:
It works with psql tho:
cockroach
works if you don't put the password in the URL;cockroach
then prompts you for a password and there seems to be no issue even with special characters.On the managed side, we are gonna work around this issue by not including the password in the
cockroach
command we display to users. Perhaps we should fix the broader issue tho.Nate found the following issue on stackoverflow:
https://stackoverflow.com/questions/48671938/go-url-parsestring-fails-with-certain-user-names-or-passwords
The issue looks relevant. Could we call url.QueryEscape()?
To Reproduce
Connect to cluster with
cockroach
command with special character such as ">" in password part of connection URL. e.g.:Expected behavior
Ideally this would work without requiring user to escape the password. At the very least the error message could be clearer.
Environment:
The text was updated successfully, but these errors were encountered: