salt.utils.url fails to properly quote URL userinfo #55561
Labels
Bug
broken, incorrect, or confusing behavior
Confirmed
Salt engineer has confirmed bug/feature - often including a MCVE
good first issue
good for someone new to salt
severity-low
4th level, cosemtic problems, work around exists
Projects
Milestone
Description of Issue
git module is lacking proper encoding of user and password fields inside 'userinfo' part of a url so it does not work with a personal repository for which the password contains more than letters and digits.
Setup
I'm trying to install a formula from a git repo, and it returns error
Port number ended with 'N'
(yes, 'N' is part of the password)And my password, being program generated, included a '+' and a '/' character in it.
I can easily replicate it with an sls like:
Steps to Reproduce Issue
Use a sls file like above. Have a git account with a password containing '+' and/or '/'. Try to clone it.
Fix
Check section 3.2.1. from RFC https://tools.ietf.org/html/rfc3986 and you'll see that user and password can not appear as-is. utils/url.py code has no processing done on those fields before being added to the url.
Possible fix below (tested):
Versions Report
The text was updated successfully, but these errors were encountered: