-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
password
AMQP URI parameter is parsed incorrectly
#8129
Comments
lukebakken
added a commit
that referenced
this issue
May 10, 2023
lukebakken
added a commit
that referenced
this issue
May 10, 2023
The query parameter `password` in an AMQP URI should only be used to set a certificate password, *not* the login password. The login password is set via the `amqp_authority` section as defined here - https://www.rabbitmq.com/uri-spec.html * Add test that demonstrates issue in #8129 * Modify code to fix test Modify amqp_uri so that test passes
lukebakken
added a commit
that referenced
this issue
May 10, 2023
Fixes #8129 The query parameter `password` in an AMQP URI should only be used to set a certificate password, *not* the login password. The login password is set via the `amqp_authority` section as defined here - https://www.rabbitmq.com/uri-spec.html * Add test that demonstrates issue in #8129 * Modify code to fix test Modify amqp_uri so that test passes
mergify bot
pushed a commit
that referenced
this issue
May 10, 2023
Fixes #8129 The query parameter `password` in an AMQP URI should only be used to set a certificate password, *not* the login password. The login password is set via the `amqp_authority` section as defined here - https://www.rabbitmq.com/uri-spec.html * Add test that demonstrates issue in #8129 * Modify code to fix test Modify amqp_uri so that test passes (cherry picked from commit 494d171)
mergify bot
pushed a commit
that referenced
this issue
May 10, 2023
Fixes #8129 The query parameter `password` in an AMQP URI should only be used to set a certificate password, *not* the login password. The login password is set via the `amqp_authority` section as defined here - https://www.rabbitmq.com/uri-spec.html * Add test that demonstrates issue in #8129 * Modify code to fix test Modify amqp_uri so that test passes (cherry picked from commit 494d171) (cherry picked from commit 90549cd)
mergify bot
pushed a commit
that referenced
this issue
May 10, 2023
Fixes #8129 The query parameter `password` in an AMQP URI should only be used to set a certificate password, *not* the login password. The login password is set via the `amqp_authority` section as defined here - https://www.rabbitmq.com/uri-spec.html * Add test that demonstrates issue in #8129 * Modify code to fix test Modify amqp_uri so that test passes (cherry picked from commit 494d171) (cherry picked from commit 90549cd) (cherry picked from commit 5eda3d2)
dcorbacho
pushed a commit
that referenced
this issue
May 11, 2023
Fixes #8129 The query parameter `password` in an AMQP URI should only be used to set a certificate password, *not* the login password. The login password is set via the `amqp_authority` section as defined here - https://www.rabbitmq.com/uri-spec.html * Add test that demonstrates issue in #8129 * Modify code to fix test Modify amqp_uri so that test passes
dcorbacho
pushed a commit
that referenced
this issue
May 11, 2023
Fixes #8129 The query parameter `password` in an AMQP URI should only be used to set a certificate password, *not* the login password. The login password is set via the `amqp_authority` section as defined here - https://www.rabbitmq.com/uri-spec.html * Add test that demonstrates issue in #8129 * Modify code to fix test Modify amqp_uri so that test passes
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
In my testing, I found that the query parameter
&password=xxx
overrides the password in "amqps://user:pass@rabbitmq-host:5671", i.e. in this link it will useuser:xxx
to log into RabbitMQ instead ofuser:pass
:Reproduction steps
To see how this is parsed, start up RabbitMQ with
RABBITMQ_ALLOW_INPUT=true
and enter the following into the Erlang shell:Note that
xxx
is the AMQP login password as well, whoops.Expected behavior
The AMQP password is not overridden.
Additional context
No response
The text was updated successfully, but these errors were encountered: