Bug in camel URISupport?

2014-08-22 Thread neil Stevens 
Hello,

I think I have found a bug in camel-core and I'm hoping someone may be
able confirm if I am right about this.  In camel it is not possible
for a URI endpoint to have a query parameter with a value containing
an '' symbol.  The bug affects all endpoint types

For example its possible that a camel route may consume from an FTP
endpoint with a password conatining an '' symbol.  For example if I
wanted to connect to my FTP server in passive mode with a password of
GunsRoses I would expect the URI to be

ftp://neil@myHost/myDir?password=Guns%26RosespassiveMode=true

When Camel attempts to parse this URI it mistakenly divides
password=Guns%26RosespassiveMode=true into 3 parameters:
password=Guns, Roses=null, passiveMode=true.

I've followed the code through and this appears to be a bug in the
parseParameters method of URISupport class within camel-core.  This
method uses Java's URI::getQuery method to return the query part of
the string. This string is then split at '' characters.  The problem
is the URI::getQuery method will return the decoded query part of
the URI, when the encoded query part should be used  (We require the
string ?password=Guns%26RosespassiveMode=true when URI::getQuery
returns ?password=GunsRosespassiveMode=true).  This then causes
the split by '' to split the query parameters incorrectly

The Javadoc for
URI(http://docs.oracle.com/javase/7/docs/api/java/net/URI.html)
confims The getUserInfo, getPath, getQuery, getFragment,
getAuthority, and getSchemeSpecificPart methods decode any escaped
octets in their corresponding components. The strings returned by
these methods may contain both other characters and illegal
characters, and will not contain any escaped octets..  Therefore the
code should be altered to retrieve the enncoded query string.  This
would be a very simple as would simply mean modifying the line String
query = uri.getQuery(); to String query = uri.getRawQuery().

Could a camel developer confirm if they agree that this is a bug.  If
it is I would be happy to have a go at contributing the fix with a
unit test if some one can advise me how I should go about doing this

Thanks
Neil

Re: Bug in camel URISupport?

2014-08-22 Thread Claus Ibsen 
Hi

This FAQ
http://camel.apache.org/how-do-i-configure-password-options-on-camel-endpoints-without-the-value-being-encoded.html

And see the section about configuring passwords
http://camel.apache.org/how-do-i-configure-endpoints.html

On Sat, Aug 23, 2014 at 12:53 AM, neil Stevens
neilstevens2...@gmail.com wrote:
 Hello,

 I think I have found a bug in camel-core and I'm hoping someone may be
 able confirm if I am right about this.  In camel it is not possible
 for a URI endpoint to have a query parameter with a value containing
 an '' symbol.  The bug affects all endpoint types

 For example its possible that a camel route may consume from an FTP
 endpoint with a password conatining an '' symbol.  For example if I
 wanted to connect to my FTP server in passive mode with a password of
 GunsRoses I would expect the URI to be

 ftp://neil@myHost/myDir?password=Guns%26RosespassiveMode=true

 When Camel attempts to parse this URI it mistakenly divides
 password=Guns%26RosespassiveMode=true into 3 parameters:
 password=Guns, Roses=null, passiveMode=true.

 I've followed the code through and this appears to be a bug in the
 parseParameters method of URISupport class within camel-core.  This
 method uses Java's URI::getQuery method to return the query part of
 the string. This string is then split at '' characters.  The problem
 is the URI::getQuery method will return the decoded query part of
 the URI, when the encoded query part should be used  (We require the
 string ?password=Guns%26RosespassiveMode=true when URI::getQuery
 returns ?password=GunsRosespassiveMode=true).  This then causes
 the split by '' to split the query parameters incorrectly

 The Javadoc for
 URI(http://docs.oracle.com/javase/7/docs/api/java/net/URI.html)
 confims The getUserInfo, getPath, getQuery, getFragment,
 getAuthority, and getSchemeSpecificPart methods decode any escaped
 octets in their corresponding components. The strings returned by
 these methods may contain both other characters and illegal
 characters, and will not contain any escaped octets..  Therefore the
 code should be altered to retrieve the enncoded query string.  This
 would be a very simple as would simply mean modifying the line String
 query = uri.getQuery(); to String query = uri.getRawQuery().

 Could a camel developer confirm if they agree that this is a bug.  If
 it is I would be happy to have a go at contributing the fix with a
 unit test if some one can advise me how I should go about doing this

 Thanks
 Neil



-- 
Claus Ibsen
-
Red Hat, Inc.
Email: cib...@redhat.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen
hawtio: http://hawt.io/
fabric8: http://fabric8.io/