<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 22:41:39 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[COMPASS-6030] Inconsistent treatment of special characters in password in Connection string method and Wizard method</title>
                <link>https://jira.mongodb.org/browse/COMPASS-6030</link>
                <project id="13182" key="COMPASS">Compass </project>
                    <description>&lt;h3&gt;&lt;a name=&quot;ProblemStatement%2FRationale&quot;&gt;&lt;/a&gt;&lt;b&gt;Problem Statement/Rationale&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;What is going wrong? What action would you like the Engineering team to take?&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Special characters in password are not behaving consistently and may prevent logging in.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Please be sure to attach relevant logs &lt;em&gt;with any sensitive data redacted&lt;/em&gt;.&lt;/b&gt;&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;StepstoReproduce&quot;&gt;&lt;/a&gt;&lt;b&gt;Steps to Reproduce&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;How could an engineer replicate the issue you&#8217;re reporting?&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Create replica set 5.0.10&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Create users with password using special character described in &lt;a href=&quot;https://jira.mongodb.org/browse/COMPASS-2844&quot; class=&quot;external-link&quot; rel=&quot;nofollow&quot;&gt;https://jira.mongodb.org/browse/COMPASS-2844&lt;/a&gt;&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Passwords were 1 character in length for simplification.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Log in using those special characters in the Connection String method.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Also tested logging in using the Connection wizard under &quot;Advanced Connection Options&quot;. Also saw ascii values/direct character typed in not consistently displayed in UI (in the connection string field being built).&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Expected Results&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;What do you expect to happen?&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;To be able to log successfully with all valid special characters. Being able to log in was also compared and confirmed with mongosh and mongo shell. See&#160;&lt;/font&gt;MONGOSH-1289.&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;ActualResults&quot;&gt;&lt;/a&gt;&lt;b&gt;Actual Results&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;What do you observe is happening?&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;1. Can&apos;t log in with &quot;/&quot; &quot;?&quot; and &quot;#&quot; and equivalent ascii character replacement.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Error messages also vary.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;This prevents users from logging in when the passwords includes these special characters. Tests were simplified by using 1 character password.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;2. Error messages vary.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;3. Typing in the character in the password field in &quot;Advanced Connection Options&quot; doesn&apos;t change into the ascii value above in the connection string field that is being built for &quot;_&quot;, &quot;!&quot;, &quot;-&quot;, and &quot;&apos;&quot; as with the other special characters. Behavior should be consistent.&lt;/font&gt;&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;AdditionalNotes&quot;&gt;&lt;/a&gt;&lt;b&gt;Additional Notes&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Any additional information that may be useful to include.&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Item 1 Prevents users from logging in.&lt;br/&gt;
Item 2 and 3 are cosmetic.&lt;/font&gt;&lt;/p&gt;</description>
                <environment>Atlas RS 5.0.10&lt;br/&gt;
macOS 12.5</environment>
        <key id="2116586">COMPASS-6030</key>
            <summary>Inconsistent treatment of special characters in password in Connection string method and Wizard method</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13202">Works as Designed</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="felicia.hsieh@mongodb.com">Felicia Hsieh</reporter>
                        <labels>
                    </labels>
                <created>Thu, 18 Aug 2022 03:01:43 +0000</created>
                <updated>Fri, 27 Oct 2023 13:07:36 +0000</updated>
                            <resolved>Wed, 24 Aug 2022 12:05:06 +0000</resolved>
                                    <version>1.32.6</version>
                                    <fixVersion>No version</fixVersion>
                                    <component>Connectivity</component>
                    <component>UI / UX</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="4773286" author="JIRAUSER1256529" created="Wed, 24 Aug 2022 12:05:06 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=felicia.hsieh%40mongodb.com&quot; class=&quot;user-hover&quot; rel=&quot;felicia.hsieh@mongodb.com&quot;&gt;felicia.hsieh@mongodb.com&lt;/a&gt; Okay, we got the original message from the customer.&lt;/p&gt;

&lt;p&gt;This is working as designed. Some special characters &lt;b&gt;need&lt;/b&gt; to be escaped using percent encoding when included in URLs. Specifically, according to the specification for URLs, these are:&lt;/p&gt;

&lt;p&gt;: / ? # [ ] @&lt;/p&gt;

&lt;p&gt;The Password field in the Advanced Connection Tabs will always contain the literal password. The connection string must contain a representation of the password in which special characters are escaped. Compass may escape more characters than are strictly necessary when entering passwords through the Password field; currently, those are all characters &lt;b&gt;except&lt;/b&gt;&lt;/p&gt;

&lt;p&gt; A-Z a-z 0-9 - _ . ! ~ * &apos; ( )&lt;/p&gt;

&lt;p&gt;This does not affect the validity of the password, and this set of characters may vary over time. For example, &lt;tt&gt;mongodb://test:%24b%C3%A4r@localhost/&lt;/tt&gt; and &lt;tt&gt;mongodb://test:$b&#228;r@localhost/&lt;/tt&gt; contain different representations of the same username/password combination.&lt;/p&gt;</comment>
                            <comment id="4770030" author="JIRAUSER1256529" created="Tue, 23 Aug 2022 13:03:00 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=felicia.hsieh%40mongodb.com&quot; class=&quot;user-hover&quot; rel=&quot;felicia.hsieh@mongodb.com&quot;&gt;felicia.hsieh@mongodb.com&lt;/a&gt; Do you have log files or screenshots? Did you/the user enter the literal password (unescaped) into the connection string field? If yes, then this is expected behavior, since connection strings are formatted as URLs and special characters need to be escaped in URLs.&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                            <attachment id="396459" name="image-2022-08-17-19-49-50-991.png" size="114825" author="felicia.hsieh@mongodb.com" created="Thu, 18 Aug 2022 02:49:52 +0000"/>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5006R00001nLdgzQAC]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 23 Aug 2022 12:42:11 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        1 year, 24 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10257" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Documentation Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="11861"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            1 year, 24 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>anna.henningsen@mongodb.com</customfieldvalue>
            <customfieldvalue>felicia.hsieh@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i16sn3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i0pk8w:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i16esf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>