From 030738ba71db04dfbdd4d437b8f49ab9cb323aa2 Mon Sep 17 00:00:00 2001
From: Neelima Premsankar <neelima.premsankar@couchbase.com>
Date: Wed, 17 Jan 2024 09:49:17 -0800
Subject: [PATCH] MB-60389: Don't use uri_string:parse.

It doesn't allow '{', '[', '"' among others.
For a complete list, see uri_string:allowed_characters().

To ensure backward compatibility, continue to allow those
characters.

Continue to normalize the paths (introduced in MB-59791).
(Note that the issue in MB-59791 is not seen without parse()).

Catch the original issue in MB-58884 where the request doesn't
fit the format '/' ++ X.. this isn't exhaustive by any means.

Change-Id: I255f5ac161be96f9bacae532d8c770982def3477
Reviewed-on: https://review.couchbase.org/c/ns_server/+/203847
Tested-by: Neelima Premsankar <neelima.premsankar@couchbase.com>
Well-Formed: Build Bot <build@couchbase.com>
Well-Formed: Restriction Checker
Tested-by: Build Bot <build@couchbase.com>
Reviewed-by: Timofey Barmin <timofey.barmin@couchbase.com>
---
 src/menelaus_web.erl | 30 +++++++++++++-----------------
 1 file changed, 13 insertions(+), 17 deletions(-)

diff --git a/src/menelaus_web.erl b/src/menelaus_web.erl
index 33451b1a38..b79ccc4ce7 100644
--- a/src/menelaus_web.erl
+++ b/src/menelaus_web.erl
@@ -158,17 +158,13 @@ webconfig() ->
 webconfig(Prop) ->
     proplists:get_value(Prop, webconfig()).
 
-parse_path_uri(RawPath) ->
-    RawPathSingleSlash =  lists:flatten(mochiweb_util:normalize_path(RawPath)),
-    case uri_string:parse(RawPathSingleSlash) of
-        #{path := "/" ++ P} -> P;
-        #{} ->
-            ?log_debug("Invalid path in: ~p", [RawPath]),
-            menelaus_util:web_exception(400, "Bad Request");
-        {error, _, _} = Error ->
-            ?log_debug("Invalid uri in http request: ~p, "
-                       "error: ~p", [RawPath, Error]),
-            menelaus_util:web_exception(400, "Bad Request")
+parse_path(RawPath) ->
+    RawPathSingleSlash = lists:flatten(mochiweb_util:normalize_path(RawPath)),
+    case RawPathSingleSlash of
+        "/" ++ RawPathStripped ->
+            {Path, _, _} = mochiweb_util:urlsplit_path(RawPathStripped),
+            Path;
+        _ -> menelaus_util:web_exception(400, "Bad Request")
     end.
 
 loop(Req0, Config) ->
@@ -184,7 +180,7 @@ loop(Req0, Config) ->
               %% handed correctly, in that we delay converting %2F's to slash
               %% characters until after we split by slashes.
               RawPath = mochiweb_request:get(raw_path, Req),
-              Path = parse_path_uri(RawPath),
+              Path = parse_path(RawPath),
               PathTokens = lists:map(fun mochiweb_util:unquote/1,
                                      string:tokens(Path, "/")),
               request_tracker:request(
@@ -1347,12 +1343,12 @@ response_time_ms(Req) ->
 -ifdef(TEST).
 parse_http_path_uri_test() ->
     ?assertEqual("fakePrefix/diag/eval/",
-                 parse_path_uri("//fakePrefix/diag/eval/")),
+                 parse_path("//fakePrefix/diag/eval/")),
     ?assertEqual("fakePrefix/diag/eval/",
-                 parse_path_uri("///////fakePrefix/diag/eval/")),
-    ?assertEqual("fake/path", parse_path_uri("/fake/path")),
+                 parse_path("///////fakePrefix/diag/eval/")),
+    ?assertEqual("fake/path", parse_path("/fake/path")),
     ?assertEqual({web_exception, 400, "Bad Request", []},
-                 catch(parse_path_uri(""))),
+                 catch(parse_path(""))),
     ?assertEqual({web_exception, 400, "Bad Request", []},
-                 catch(parse_path_uri("\\/\/"))).
+                 catch(parse_path("\\/\/"))).
 -endif.