8272702: Resolving URI relative path with no / may lead to incorrect toString #8899
Conversation
|
👋 Welcome back tkiriyama! A progress list of the required criteria for merging this PR into |
|
@tkiriyama The following label will be automatically applied to this pull request:
When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command. |
Webrevs
|
|
@tkiriyama You're using the wrong bugid. JDK-8272707 has nothing to do with URI. Please use the correct bugid. |
tkiriyama
changed the title
I'm sorry, I made a mistake. |
| if (i >= 0) { | ||
| sb.append(base, 0, i + 1); | ||
| } else { | ||
| sb.append("/"); | ||
| } |
There was a problem hiding this comment.
This is wrong as it will cause URI.create("foo").resolve(URI.create("test")) to return "/test" instead of "test"
There was a problem hiding this comment.
Your comment is correct. The behavior of specifying a relative URI as the base URI should not change, although rfc2396 recommended that the base URI be an absolute URI.
I modified to add "/" only if the given base URI is an absolute URI.
There was a problem hiding this comment.
@dfuch
Could you review this fix again, please?
There was a problem hiding this comment.
I will have a look but analyzing the proposed fix and thinking about the potential side effects will take me some time.
There was a problem hiding this comment.
@dfuch
I merged the latest source code and modified this fix again to resolve conflicts. Please check it again.
There was a problem hiding this comment.
@dfuch
I'm sorry to bother you, is there anything wtong in this fix?
|
It seems like URI is currently behaving to spec. Even though the behavior is surprising, it's a corner case that isn't anticipated by the spec (or RFC 2396 for that matter). It looks like this was corrected in RFC 3986, but the whole resolution algorithm is specified differently in RFC 3986. I agree we would need to better understand the potential for incompatibility by making this change, eg how does it affect resolution + relativization round trips in these cases? |
|
I've thought about this some more and it does seem like the intent of RFC 2396 is clearly that an absolute URI should always have an absolute path (beginning with "/"). This implies when resolving a relative reference such as "test" against an absolute URI with an empty path, this implies a "/" needs to be added. RFC 3986 makes this explicit. Existing code is probably working around the issue by adding a "/" explicitly when none present prior to resolution of the reference. I think we should go ahead with the change and I'm happy to sponsor it. |
|
@tkiriyama This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be: You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 582 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@dfuch, @Michael-Mc-Mahon) but any other Committer may sponsor as well. ➡️ To flag this PR as ready for integration with the above commit message, type |
There was a problem hiding this comment.
I agree with Michael. I did a deep dive in the URI code and conducted some experiments with the proposed fix and am happy with the results. I also double checked with the JCK tests for api/java_net and they were still happy. I believe this is good to go. Thanks for persisting with this one!
|
@tkiriyama please /integrate and one of us will sponsor. |
|
/integrate |
|
I'm sorry for the late reply. I appreciate all reviews. @dfuch |
|
@tkiriyama |
|
/sponsor |
|
Going to push as commit 79597f1.
Your commit was automatically rebased without conflicts. |
openjdk
bot
removed
ready
|
@dfuch @tkiriyama Pushed as commit 79597f1. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
Consider an authority component without trailing "/" as a base URI. When resolving a relative path against this base URI, the resulting URI is a concatenated URI without "/".
This behaviour should be fixed, which is rationalized by rfc3986#section-5.2.3.
Could you review this fix?
Progress
Issue
Reviewers
Reviewing
Using
gitCheckout this PR locally:
$ git fetch https://git.openjdk.org/jdk pull/8899/head:pull/8899$ git checkout pull/8899Update a local copy of the PR:
$ git checkout pull/8899$ git pull https://git.openjdk.org/jdk pull/8899/headUsing Skara CLI tools
Checkout this PR locally:
$ git pr checkout 8899View PR using the GUI difftool:
$ git pr show -t 8899Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/8899.diff