Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: 2.9.1 GA, 2.14.0 GA, 2.13.2 GA
Component/s: Gateway
Labels:

Blocked:
False
Ready:
False
3Scale PT Tested upstream:
Not Started
3scale PT Docs:
Not Started
3scale PT Product Specs:
Not Started
3scale PT Product Update Ready:
Not Started
3scale PT Released In Saas:
Not Started
3scale PT Verified Product:
Not Started
QE Test Coverage:
+
Release Note Text:
Undefined
Steps to Reproduce:
Hide

Routing Policy configured as follows (APIaaP with backend at /foo)

{ "name": "routing", "version": "builtin", "configuration": { "rules": [ { "url": "https://echo-api.3scale.net:443", "condition": { "combine_op": "and", "operations": [ { "op": "matches", "value": "^(/foo/.*|/foo/?)", "match": "path" } ] }, "replace_path": "{{uri | remove_first: '/foo'}}" } ] } }

Example requests and responses:

example 1

$ curl -k "https://api-3scale-apicast.apps-crc.testing:443/foo/+" -H'user_key:abc' { "method": "GET", "path": "/%20", [output truncated]

example 2

$ curl -k "https://api-3scale-apicast-staging.apps-crc.testing:443/foo/%2B" -H'user_key:abc' { "method": "GET", "path": "/%20", [output truncated]

example 3

$ curl -k "https://api-3scale-apicast-staging.apps-crc.testing:443/foo/%26%24%23" -H'user_key:abc' { "method": "GET", "path": "/&$%23", [output truncated]

example 4

$ curl -k "https://api-3scale-apicast-staging.apps-crc.testing:443/foo/#####" -H'user_key:abc' { "method": "GET", "path": "/", [output truncated]
Show
Routing Policy configured as follows (APIaaP with backend at /foo) { "name" : "routing" , "version" : "builtin" , "configuration" : { "rules" : [ { "url" : "https: //echo-api.3scale.net:443" , "condition" : { "combine_op" : "and" , "operations" : [ { "op" : "matches" , "value" : "^(/foo/.*|/foo/?)" , "match" : "path" } ] }, "replace_path" : "{{uri | remove_first: '/foo' }}" } ] } } Example requests and responses: example 1 $ curl -k "https: //api-3scale-apicast.apps-crc.testing:443/foo/+" -H 'user_key:abc' { "method" : "GET" , "path" : "/%20" , [output truncated] example 2 $ curl -k "https: //api-3scale-apicast-staging.apps-crc.testing:443/foo/%2B" -H 'user_key:abc' { "method" : "GET" , "path" : "/%20" , [output truncated] example 3 $ curl -k "https: //api-3scale-apicast-staging.apps-crc.testing:443/foo/%26%24%23" -H 'user_key:abc' { "method" : "GET" , "path" : "/&$%23" , [output truncated] example 4 $ curl -k "https: //api-3scale-apicast-staging.apps-crc.testing:443/foo/#####" -H 'user_key:abc' { "method" : "GET" , "path" : "/" , [output truncated]

SFDC Cases Counter:
SFDC Cases Links:

Description

As visible in the steps to reproduce, it seems that the routing policy is introducing an unpredictable behaviour on certain characters, when routing the request to upstream:

+   --> encoded to %20 (wrong encoding)
%2B --> changed to %20 
%26 --> decoded to &
%24 --> decoded to $
%23 --> left unchanged

The expected behaviour is that all the characters should be left unchanged
The issue happens here, called from here e.g. whenever the routing rule specifies a replace_path

Please read all comments.

Attachments

Issue Links

is blocked by

THREESCALE-6428 Add APIaaP Routing policy just before APICast policy

Closed

THREESCALE-5117 Special characters in the backend usage path result in wrong routing

Closed

is duplicated by

THREESCALE-7130 APIaaP is causing URL encoding on API requests' paths

Closed

links to

APIcast changes the encoding of some characters

Activity

People

Assignee:: Unassigned

Reporter:: Samuele Illuminati (Inactive)

Tester:: Jakub Urban

Votes:: 0 Vote for this issue

Watchers:: 12 Start watching this issue

Dates

Created:: 2021/03/11 4:03 PM

Updated:: 2024/03/14 2:40 PM