redbird icon indicating copy to clipboard operation
redbird copied to clipboard

Published 20 hours ago verified publisher icon OptimalBits

Converts :// to :/ in query field

Open animatedcreativity opened this issue 5 years ago • 6 comments

I tried to pass link in query:

Example: https://proxy.animatedcreativity.com/?url=https://google.com/

It will forward it to:

http://127.0.0.1:3001/?url=https:/google.com/

Please check that https://google.com/ becomes https:/google.com/

Other than that, I love the simplicity of this module.

animatedcreativity avatar Mar 16 '19 03:03 animatedcreativity

However I am not sure it is an issue in redbird, since we are not processing the query params. Maybe you need to encodeURIComponent them.

manast avatar Mar 17 '19 15:03 manast

May be you are right. But, things were working for me as expected until I started using redbird, that is why it seemed to me as an issue with redbird itself. I had to add extra logic link.split(":/").join("://") at the receiving side.

animatedcreativity avatar Mar 17 '19 16:03 animatedcreativity

@animatedcreativity When you send special characters through a url, like : and /, you need to encode them, so https://google.com becomes https%3A%2F%2Fgoogle.com. The JavaScript function encodeURIComponent(); does this for you, and there is generally an equivalent in all server-side languages to decode it. Even if it works anyway, it is generally good practice not to send unsafe characters in URLs.

ghost avatar Mar 29 '19 22:03 ghost

Hmm. I have a very similar problem, but its with \.

Before you ask it to be encoded, this is direct from the Google's OAuth2 consent redirect, so I don't have control over it and its a very popular identity provider obviously.

The part of the url in question looks like the following: https://localhost:3000/api/v1/auth/google/response?code={a big long code with a / in it}

This redirect is part of the OAuth2 flow for web apps using Google for sign in/up.

My auth server is behind a redbird proxy as of this morning and I was getting a 400 status with "invalid grant, malformed auth code".

I tracked this down with wireshark, and the query param for code is being manipulated...

Bad request 4\XQHGq5_rPo8Kkhorh9ohiIINBUQ8K1ALlc42OZzAJmndjl17cdUVMlkMgbHMVEjolna_n-N3R7MRwY-0yO0tAck

Good request 4/XQHGq5_rPo8Kkhorh9ohiIINBUQ8K1ALlc42OZzAJmndjl17cdUVMlkMgbHMVEjolna_n-N3R7MRwY-0yO0tAck

Redbird seems to be replacing the forward slash with a backslash. Is this expected?

jmoyers avatar Jun 04 '19 18:06 jmoyers

FYI, replaced this with nginx and the slash is preserved.

jmoyers avatar Jun 05 '19 17:06 jmoyers

@jmoyers I too seem to be having this issue. Using localhost, my Google Auth works fine, but when I moved it to my production server that is behind Redbird, I start getting the "invalid grant, malformed auth code" error.

I wonder if there are any other tickets similar? I've scoured the web trying to find the solution to no avail. I could perhaps use a custom resolver, but so far I haven't had any luck as I haven't gotten a dependable implementation of a simple resolver working.

adrianoceguera avatar Oct 10 '19 23:10 adrianoceguera