fix(grpcHeaders): accept values with "=" symbols #8047
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
rkapka
previously requested changes
Dec 4, 2020
There was a problem hiding this comment.
First of all, thank you for the contribution!
This piece of code was never tested, but the functionality was straightforward. Now that it got more complicated, can you please add a suite of tests for various header values? It will greatly eliminate the risk of introducing bugs in case we need to add more code on top.
artburkart
changed the title
|
Hi @rkapka, Do you know if there's any faster way to invoke the tests than this? $ go test github.com/prysmaticlabs/prysm/validator/client
ok github.com/prysmaticlabs/prysm/validator/client 44.623sIf not, is it okay if we pull the snippet of code into something that can be unit tested? |
|
Ah, it looks like when I run individual tests, it goes way faster. |
# What
Before this commit, it was not possible to pass in base64-encoded
content as a header value if it contained an equals sign. This commit
changes the behavior slightly. Rather than ignore key/value pairs where
the value happens to have an equals sign, we assume the first equals
sign delimits the key from the value and pass in the rest of the value
as-is.
Also, instead of printing the header name along with its value, we
print the name, so there is less risk of leaking information into logs
that shouldn't be there.
# Testing
This has not been tested in the context of the full validator client.
Instead, a small example was made to demonstrate the feasibility. The
example is shown here:
```go
package main
import (
"log"
"os"
"strings"
"github.com/davecgh/go-spew/spew"
"github.com/urfave/cli/v2"
)
type Config struct {
GrpcHeadersFlag string
}
func main() {
app := &cli.App{
Action: func(c *cli.Context) error {
for _, hdr := range strings.Split(c.String("grpc-headers"), ",") {
if hdr != "" {
ss := strings.Split(hdr, "=")
spew.Dump(ss[0])
spew.Dump(strings.Join(ss[1:], "="))
}
}
return nil
},
Flags: []cli.Flag{
&cli.StringFlag{
Name: "grpc-headers",
Usage: "A comma-separated list of key value pairs to pass as gRPC headers for all gRPC " +
"calls. Example: --grpc-headers=key=value",
},
},
}
err := app.Run(os.Args)
if err != nil {
log.Fatal(err)
}
}
```
Example invocation:
```command
❯ go run main.go --grpc-headers=key=value,Authorization="Basic $(echo -n hello:world | base64)"
(string) (len=3) "key"
(string) (len=5) "value"
(string) (len=13) "Authorization"
(string) (len=22) "Basic aGVsbG86d29ybGQ="
```
artburkart
force-pushed
the
accept-headers-with-equal-signs
branch
from
2e00c9a
to
d131573
Compare
|
We've added 5 new tests cases. 👍 |
|
Ooops, I forgot to add a failure case. One moment please. |
artburkart
force-pushed
the
accept-headers-with-equal-signs
branch
from
d131573
to
3fe4935
Compare
artburkart
commented
Dec 4, 2020
Comment on lines
+78
to
+90
| for input, output := range map[string][]string{ | ||
| "should-break": []string{}, | ||
| "key=value": []string{"key", "value"}, | ||
| "": []string{}, | ||
| ",": []string{}, | ||
| "key=value,Authorization=Q=": []string{ | ||
| "key", "value", "Authorization", "Q=", | ||
| }, | ||
| "Authorization=this is a valid value": []string{ | ||
| "Authorization", "this is a valid value", | ||
| }, | ||
| } { |
There was a problem hiding this comment.
If this is considered too hacky, we can take the time to improve it.
artburkart
force-pushed
the
accept-headers-with-equal-signs
branch
from
3fe4935
to
2e43d6d
Compare
prestonvanloon
approved these changes
Dec 4, 2020
prestonvanloon
previously approved these changes
Dec 4, 2020
|
@artburkart. Please run gazelle. I tried to push to your branch but i dont have access. |
prestonvanloon
approved these changes
Dec 4, 2020
prestonvanloon
dismissed
rkapka’s stale review
Requested changes were addressed
|
Thank you! 🙏 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
Bug fix
What does this PR do? Why is it needed?
Before this commit, it was not possible to pass in base64-encoded
content as a header value if it contained an equals sign. This commit
changes the behavior slightly. Rather than ignore key/value pairs where
the value happens to have an equals sign, we assume the first equals
sign delimits the key from the value and pass in the rest of the value
as-is.
Also, instead of printing the header name along with its value, we only
print the name, so there is less risk of leaking information into logs
that shouldn't be there.
Which issues(s) does this PR fix?
N/A
Other notes for review
This has not been tested in the context of the full validator client.
Instead, a small example was made to demonstrate the feasibility. The
example is shown here:
Example invocation: