Normalize URI before redirect in order to avoid :badarg failure from nil port in URI #328
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…Finch from nil port - Fixes wojtekmach#327
|
Thank you. Could you look into testing it using the :plug feature, without bypass? |
|
I tried to implement a test using the :plug feature via the following: test "inherit port", c do
relative_redirect = fn
%Plug.Conn{host: "redirected", port: nil} ->
flunk("port cannot be nil")
%Plug.Conn{host: "redirected", port: 80} = conn ->
Plug.Conn.send_resp(conn, 200, "ok")
conn ->
conn
|> Plug.Conn.put_resp_header("location", "//redirected")
|> Plug.Conn.send_resp(301, "")
end
assert ExUnit.CaptureLog.capture_log(fn ->
assert Req.get!(c.url, plug: relative_redirect).status == 200
end) =~ "[debug] redirecting to //redirected"
endHowever, in the underlying The above test at least ensures that there's no fatal error with the |
|
Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Per #327 -
URI.merge/2overwrites port attribute with nil during merge with relative redirect URI. SinceURI.merge/2correctly follows RFC 3986 5.2 Relative Resolution, a separate normalization step is needed to include RFC 3986 6.2.3 Scheme-Based Normalization.Note: a test was not included since
Bypassruns on a port other than 80 or 443, and we would explicitly need to test to see if the port will be defaulted to 80/443 (depending on the original URI scheme). However, we were able to confirm a test watching for:badargexit fails prior to the patch and succeeds after the patch. This test has been excluded from the PR since it hangs the tests while waiting for a connection timeout in the success case.