Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FIX URI path handling to remove double slashes #2

Merged
merged 1 commit into from
Nov 21, 2024

Conversation

khiav223577
Copy link
Owner

@khiav223577 khiav223577 commented Nov 21, 2024

Pick the PR from original repo.


Fix request URI to remove double slashes.
Vault server returns 301 redirect for double slash URIs, requiring resending. Since Vault server v1.17.3, the redirect URL has changed.

For example, take key: /cubbyhole/my-secret:

  • Before vault v1.17.2, vault-ruby sends /v1//cubbyhole/my%2Dsecret, and the Vault server returns /v1/cubbyhole/my-secret.
  • After vault v1.17.3, vault-ruby sends /v1//cubbyhole/my%2Dsecret, and the Vault server returns /v1/cubbyhole/my%252Dsecret.

Thus, the behavior is not the same. Removing the double slashes prevents the redirect mechanism from being triggered.

Fix request URI to remove double slashes.
Vault server returns 301 redirect for double slash URIs, requiring resending.
Since Vault server v1.17.3, the redirect URL has changed.

For example, take key: `/cubbyhole/my-secret`:

- Before vault v1.17.2, vault-ruby sends `/v1//cubbyhole/my%2Dsecret`,
  and the Vault server returns `/v1/cubbyhole/my-secret`.
- After vault v1.17.3, vault-ruby sends `/v1//cubbyhole/my%2Dsecret`,
  and the Vault server returns `/v1/cubbyhole/my%252Dsecret`.

Thus, the behavior is not the same. Removing the double slashes prevents the
redirect mechanism from being triggered.
@khiav223577 khiav223577 self-assigned this Nov 21, 2024
@khiav223577 khiav223577 merged commit ec63b40 into khiav223577:master Nov 21, 2024
12 checks passed
@khiav223577 khiav223577 removed their assignment Nov 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants