-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
Use Case
As a... user of the connection string parser
I want... connection strings with unescaped reserved characters in userinfo (especially an unescaped @ in the password) to be rejected
So that... invalid uris do not parse successfully and then result in a confusing authentication error returned to the user
User Experience
- Correct validation behavior for malformed connections
- a string like {{mongodb+srv://user
@ss@localhost/ }}will result in an exception - this is a bug in the node driver (connection string parsing package)
Dependencies
- upstream, COMPASS-10688 depends on this work
Risks/Unknowns
- Main risk is changing parsing too broadly while fixing unescaped character handling
- Other drivers may also have this issue
- We were notified about this because COMPASS uses our driver
Acceptance Criteria
Implementation Requirements
- connection string parsing is updated and throws appropriate errors when unescaped @ and similar reserved characters are present in userinfo
- existing tests pass
- new tests pass
Testing Requirements
- add more test cases to parsing tests, ensure unescaped @ is handled properly
Documentation Requirements
- none
Follow Up Requirements
- none
- is depended on by
-
COMPASS-10719 Investigate changes in NODE-7597: handle unescaped @ in the password
-
- Closed
-
- related to
-
-
- In Progress
-