fix: percent-encode usernames in Postgres connection URLs#34
fix: percent-encode usernames in Postgres connection URLs#34cocoa-claw[bot] wants to merge 1 commit intomasterfrom
Conversation
cocoa-claw
Bot
force-pushed
the
fix/username-encoding-issue-33
branch
4 times, most recently
from
00c598b to
fadd91d
Compare
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fadd91d308
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| // Add user | ||
| url.push_str(&self.user); | ||
| // Add user (percent-encoded to handle special characters like @) | ||
| url.push_str(&urlencoding::encode(&self.user)); |
There was a problem hiding this comment.
Encoding self.user unconditionally in to_url() regresses existing saved connections whose user field is already percent-encoded (for example, entries created earlier via URL paste/import). Those entries will now serialize as ...user%2540domain.com..., so Postgres receives user%40domain.com as the literal username and authentication fails. The new decode path in from_url() only fixes newly parsed URLs, so previously persisted configs are still affected unless you normalize/migrate legacy user values before this encode step.
Useful? React with 👍 / 👎.
Fixes issue #33 where usernames containing @ (and other special characters) would break the connection URI parsing. Changes: - URL-encode the username in to_url() using the existing urlencoding::encode() - Add tests for usernames with @ and other special characters - Verify round-trip encoding/decoding works correctly Before: user@domain.com@localhost (parsed incorrectly) After: user%40domain.com@localhost (parsed correctly)
cocoa-claw
Bot
force-pushed
the
fix/username-encoding-issue-33
branch
from
fadd91d to
c36f745
Compare
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c36f7458ea
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| let decoded_user = urlencoding::decode(&self.user) | ||
| .map(|s| s.into_owned()) | ||
| .unwrap_or_else(|_| self.user.clone()); | ||
| url.push_str(&urlencoding::encode(&decoded_user)); |
There was a problem hiding this comment.
to_url() now runs urlencoding::decode(&self.user) before encoding, which can silently rewrite valid usernames that contain literal percent sequences. A concrete failure path is postgres://user%2540team@host/db: from_url() stores user%40team, but to_url() decodes that to user@team and emits user%40team, changing the account identity on reconnect and causing authentication to target the wrong role. Usernames should be percent-encoded from the stored value without a pre-decode step.
Useful? React with 👍 / 👎.
|
Closing in favor of #40, which reimplements the fix from a fresh |
1 participant
Fixes #33
Problem
Postgres usernames containing
@(and other special characters) were not being percent-encoded when building connection URIs, causing the@to be misinterpreted as the delimiter between userinfo and host.Example:
user@domain.comwould producepostgres://user@domain.com@localhost/mydbwhich parses incorrectly.Solution
URL-encode the username in
to_url()using the existingurlencoding::encode()helper.Changes
to_url()test_connection_to_url_with_at_in_username()testtest_connection_url_round_trip_with_special_username()testVerification
user@domain.comnow produces:postgres://user%40domain.com@localhost/mydbto_url()→from_url()preserves the original username