-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fieldKeyParser: handle bad url-encoded prefix key #1267
Closed
Closed
Changes from all commits
Commits
Show all changes
3 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@matthew-white is there a more idiomatic way to write this than nesting calls to
Option.of()
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right now,
prefixKey
is either a non-emptyOption
, or it'snull
. What if you always made it anOption
(anOption.none()
instead ofnull
)?If you did that, then you could set
request.fieldKey
in the same way as before:Though honestly, the way it was before doesn't feel especially clear to me. There, if
prefixKey
is not empty,.orElse()
will unwrap it, requiring us to rewrap it withOption.of()
.Maybe a ternary would be clearer?
I'm not sure that that's necessarily more idiomatic though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here's another thought. If
match != null
, why don't we setrequest.fieldKey
immediately and return? Why do we even go on to handlequeryKey
? I feel like right now, there's technically the possibility that someone could specify both: /v1/key/[some app user token]/projects/1/forms?st=[some public link token]. In that case,request.fieldKey
would hold the app user token, whilerequest.originalUrl
would be rewritten with the public link token.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this line important when there is a query key:
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's currently some weird manipulation of
originalUrl
available when both the query key and the prefix key are provided.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks that way to me too. I'd be very happy if we shut that path down. We don't expect a user to specify both.
I think that's probably just due to how the tests are written. Some tests include /v1 in the
url
passed tocreateRequest()
, while others don't. I'm pretty sure thatversionParser()
runs beforefieldKeyParser()
and will strip off /v1, sofieldKeyParser()
shouldn't ever see /v1 inrequest.url
.fieldKeyParser()
will still see /v1 inrequest.originalUrl
though, asversionParser()
doesn't change that.If we removed that line, I'm not sure that anything would break. My guess is that the idea was, we've done everything we need to with this query parameter, so nothing downstream ever needs to think about it.
That said, it looks like we retain the
st
query parameter inrequest.originalUrl
, so maybe there's a little inconsistency in that approach: we don't removest
from everything we could. That might have been a practical decision: it's easy to removest
fromrequest.query
, but maybe not as easy to remove it fromrequest.originalUrl
.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rewriting
originalUrl
at all seems questionable:There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@matthew-white assertions for
st
behaviour added at #1295There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@matthew-white I've updated #1291 to address this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I also feel a little unsure about rewriting it. It says "original" after all. 😅 Then again, it seems to be working fine as-is.
Looking at the codebase, it looks like we use
originalUrl
in a number of places. However, my guess is that the only place where we rely on the rewrittenoriginalUrl
is lib/resources/forms.js, since that's where the OpenRosa form list and manifest are served. A bunch of OData functionality referencesoriginalUrl
, but public links that use?st
can't access OData, so I doubt it matters there. It also looks like?st
is explicitly restricted to certain types of actors:authHandler()
will return a 403 if a web user tries to use?st
with a session token associated with their account.If we wanted to do something other than rewriting
originalUrl
, one option is that we could add a new property (openRosaUrl
?urlWithoutSt
?). But again, it does seem to be working as-is. It could be that Express providesoriginalUrl
for convenience, so that it can be accessed afterurl
is rewritten, yet also doesn't mind if you rewriteoriginalUrl
.