Skip to content

Don't allow authority to match path.#2220

Merged
ioquatix merged 1 commit intorack:mainfrom
socketry:request-target-authority
Jun 22, 2024
Merged

Don't allow authority to match path.#2220
ioquatix merged 1 commit intorack:mainfrom
socketry:request-target-authority

Conversation

@ioquatix
Copy link
Copy Markdown
Member

@ioquatix ioquatix commented Jun 21, 2024
edited
Loading

While investigating Sinatra failures, I noticed that some paths were incorrectly matching an authority.

  2) Error:
RoutingTest#test_it_handles_encoded_colons_correctly_0:
Rack::Lint::LintError: Only CONNECT requests may have PATH_INFO set to an authority (authority-form)
    /Users/samuel/Developer/ioquatix/rack/lib/rack/lint.rb:375:in `check_environment'
    /Users/samuel/Developer/ioquatix/rack/lib/rack/lint.rb:63:in `response'
    /Users/samuel/Developer/ioquatix/rack/lib/rack/lint.rb:41:in `call'
    /Users/samuel/.gem/ruby/3.3.3/gems/rack-test-2.1.0/lib/rack/test.rb:360:in `process_request'
    /Users/samuel/.gem/ruby/3.3.3/gems/rack-test-2.1.0/lib/rack/test.rb:163:in `custom_request'
    /Users/samuel/.gem/ruby/3.3.3/gems/rack-test-2.1.0/lib/rack/test.rb:112:in `get'
    /Users/samuel/.rubies/ruby-3.3.3/lib/ruby/3.3.0/forwardable.rb:240:in `get'
    test/routing_test.rb:113:in `block in <class:RoutingTest>'

I've confirmed after applying the patch, this test passes. We may need to backport this.

@ioquatix ioquatix force-pushed the request-target-authority branch from 31eacda to df57336 Compare June 21, 2024 08:13
@ioquatix ioquatix requested a review from jeremyevans June 21, 2024 08:22
@ioquatix ioquatix force-pushed the request-target-authority branch from df57336 to 027c36b Compare June 22, 2024 09:34
@ioquatix ioquatix merged commit db844cb into rack:main Jun 22, 2024
@ioquatix ioquatix deleted the request-target-authority branch June 22, 2024 09:37
ioquatix added a commit that referenced this pull request Jun 22, 2024
@ioquatix
Don't allow authority to match path. (#2220)
945ec8d
@ioquatix ioquatix added this to the v3.1.4 milestone Jun 22, 2024
@ioquatix ioquatix self-assigned this Jun 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeremyevans jeremyevans jeremyevans approved these changes

Assignees

@ioquatix ioquatix

Labels

Backport

Projects

None yet

Milestone

v3.1.4

Development

Successfully merging this pull request may close these issues.

2 participants

@ioquatix @jeremyevans