[CDRIVER-2187] Key file path, key file password, and certificate authority file path must be escaped in MongoDB URI Created: 11/Jun/17 Updated: 27/Oct/23 Resolved: 16/Jun/17 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | None |
| Affects Version/s: | 1.7.0 |
| Fix Version/s: | 1.7.0 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | A. Jesse Jiryu Davis | Assignee: | A. Jesse Jiryu Davis |
| Resolution: | Works as Designed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Description |
|
Allowing an unescaped "/" or other special character in the key file path, key file password, or the certificate authority file path introduces a parsing ambiguity. It violates the Connection String Spec's algorithm, which requires a driver to parse hostnames and user info from the URI segment before the last "/" character, and requires the driver to parse the options from the segment after the last "/" character. Thus we can't correctly parse a URI like this without violating the spec: "mongodb://server/?sslclientcertificatekeyfile=/tmp/key.pem" We can't parse that string while conforming to the spec, because the segment before the last "/" character is this: "mongodb://server/?sslclientcertificatekeyfile=/tmp" Instead, we must require this syntax: "mongodb://server/?sslclientcertificatekeyfile=%2Ftmp%2Fkey.pem" |
| Comments |
| Comment by A. Jesse Jiryu Davis [ 16/Jun/17 ] |
|
Nevermind, other drivers like PyMongo allow "/" in paths too. We've updated the spec to search the URI forward for the first slash instead of backward for the last, so slashes in paths are ok now. |