Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Caddy 2.8.4: uri replace does not work for %29 #6578

Open
emdsn opened this issue Sep 18, 2024 · 1 comment
Open

Caddy 2.8.4: uri replace does not work for %29 #6578

emdsn opened this issue Sep 18, 2024 · 1 comment

Comments

@emdsn
Copy link

emdsn commented Sep 18, 2024

We are using Caddy to rewrite URLs to Artifactory Cloud which does not understand encoded URLs. We have nuget queries that contain reserved characters like brackets eg.
http://host/artifactory/api/nuget/virtual-nuget-library/Packages(Id='F31.Ytos.Plugin.Account',Version='67.3.0')"

which I am trying to rewrite into http://host2/artifactory/api/nuget/onpremise-virtual-nuget-library/Packages(Id='F31.Ytos.Plugin.Account',Version='67.3.0')"

When using curl to test the uri gets encoded to: "uri": "/artifactory/api/nuget/v3/onpremise-virtual-nuget-library/Packages%28Id=%27F31.Ytos.Plugin.Account%27,Version=%2767.3.0%27%29"

I am attempting to strip out the encoded characters however this is failing when i get to %29.

the following works:
uri replace %28 "("
uri replace %27 "'"

result : "uri": "/artifactory/api/nuget/v3/onpremise-virtual-nuget-library/Packages(Id='F31.Ytos.Plugin.Account',Version='67.3.0'%29"

but when I add
uri replace %28 "("
uri replace %27 "'"
uri replace %29 ")"

It ends up back like: uri": "/artifactory/api/nuget/v3/onpremise-virtual-nuget-library/Packages%28Id=%27F31.Ytos.Plugin.Account%27,Version=%2767.3.0%27%29

Caddy --version
v2.8.4

caddy run --watch Caddyfile

handle_path /artifactory/api/nuget/* {
	rewrite * /artifactory/api/nuget/v3/onpremise-{uri}
	uri replace onpremise-/ onpremise-
	uri replace %28 "("
	uri replace %27 "'"
	uri replace %29 ")"

	reverse_proxy https://host2 {
		header_up Host {upstream_hostport}
	}
}

curl -v "http://host/artifactory/api/nuget/virtual-nuget-library/Packages(Id='F31.Ytos.Plugin.Account',Version='67.3.0')"

result:

2024/09/18 11:27:42.421 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "host2:443", "duration": 0.155411915, "request": {"remote_ip": "::1", "remote_port": "50987", "client_ip": "::1", "proto": "HTTP/1.1", "method": "GET", "host": "host2:443", "uri": "/artifactory/api/nuget/v3/onpremise-virtual-nuget-library/Packages%28Id=%27F31.Ytos.Plugin.Account%27,Version=%2767.3.0%27%29", "headers": {"X-Forwarded-For": ["::1"], "X-Forwarded-Proto": ["http"], "X-Forwarded-Host": ["host"], "User-Agent": ["curl/8.7.1"], "Accept": ["/"], "Authorization": ["REDACTED"]}}, "headers": {"Content-Type": ["application/json"], "Allow": ["DELETE,OPTIONS,PUT"], "Date": ["Wed, 18 Sep 2024 11:27:43 GMT"], "Connection": ["keep-alive"], "X-Jfrog-Version": ["Artifactory/7.94.1 79401900"], "X-Artifactory-Id": ["41ce1f82efe45c73c1e83adc3cc9be4d308371be"], "X-Artifactory-Node-Id": ["artifactory-primary-2"], "Strict-Transport-Security": ["max-age=31536000; preload"]}, "status": 405}

@Jiehong
Copy link

Jiehong commented Jan 7, 2025

I tried to reproduce with 2.9.0, and it's actually weirder than it seems.

Try with this caddy file:

:8080 {
	root /var/www/html

	handle_path /hello/* {
	    uri replace %28 "&"
	    uri replace %29 "&"
	}

    respond {uri}

	# Log requests
	log
}

Then launch curl 'http://localhost:8080/hello/%28%29' and you'll see: /$&.

But now, use this caddyfile:

:8080 {
	root /var/www/html

	handle_path /hello/* {
	    uri replace %28 "("
	    uri replace %29 ")"
	}

    respond {uri}

	# Log requests
	log
}

And now you'll see /%28%29.

Aka, the replacement did not work at all, even though only the value of what was replaced changed.

Just replace %28 or just replacing %29 works, but not both at the same time (or uri always gets re-encoded sometimes?).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants