Skip to content

Commit

Permalink
Properly encode baggage values and metadata (#3740)
Browse files Browse the repository at this point in the history 
* URL encode & decode baggage values
Resolves #3442

* Vendor in the guava url escaping code, and use it, rather than URLEncoder

* add fuzz testing for the escaper and propagator

* formatting

* Remove strict value validation from the baggage implementation
And, ensure we encode baggage metadata as well as the baggage value.

* Add additional fuzz iterations, manually.

* remove the usage of the vintage engine and use driver test methods instead
  • Loading branch information
@jkwatson
jkwatson authored Oct 14, 2021
1 parent 3b5c48f commit 69d26c1
Show file tree
Hide file tree
Showing 8 changed files with 561 additions and 49 deletions.
2 changes: 1 addition & 1 deletion api/all/src/main/java/io/opentelemetry/api/baggage/ImmutableBaggage.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,6 @@ private static boolean isKeyValid(String name) {
* @return whether the value is valid.
*/
private static boolean isValueValid(String value) {
return value != null && StringUtils.isPrintableString(value);
return value != null;
}
}
39 changes: 27 additions & 12 deletions api/all/src/main/java/io/opentelemetry/api/baggage/propagation/Parser.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@

import io.opentelemetry.api.baggage.BaggageBuilder;
import io.opentelemetry.api.baggage.BaggageEntryMetadata;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import javax.annotation.Nullable;

/**
Expand Down Expand Up @@ -83,11 +86,7 @@ void parseInto(BaggageBuilder baggageBuilder) {
break;
case KEY: // none
}
putBaggage(
baggageBuilder,
key.getValue(),
value.getValue(),
BaggageEntryMetadata.create(meta));
putBaggage(baggageBuilder, key.getValue(), value.getValue(), meta);
reset(i + 1);
break;
}
Expand All @@ -112,16 +111,14 @@ void parseInto(BaggageBuilder baggageBuilder) {
case META:
{
String rest = baggageHeader.substring(metaStart).trim();
putBaggage(
baggageBuilder, key.getValue(), value.getValue(), BaggageEntryMetadata.create(rest));
putBaggage(baggageBuilder, key.getValue(), value.getValue(), rest);
break;
}
case VALUE:
{
if (!skipToNext) {
value.tryTerminating(baggageHeader.length(), baggageHeader);
putBaggage(
baggageBuilder, key.getValue(), value.getValue(), BaggageEntryMetadata.empty());
putBaggage(baggageBuilder, key.getValue(), value.getValue(), null);
break;
}
}
Expand All @@ -132,9 +129,27 @@ private static void putBaggage(
BaggageBuilder baggage,
@Nullable String key,
@Nullable String value,
BaggageEntryMetadata metadata) {
if (key != null && value != null) {
baggage.put(key, value, metadata);
@Nullable String metadataValue) {
String decodedValue = decodeValue(value);
metadataValue = decodeValue(metadataValue);
BaggageEntryMetadata baggageEntryMetadata =
metadataValue != null
? BaggageEntryMetadata.create(metadataValue)
: BaggageEntryMetadata.empty();
if (key != null && decodedValue != null) {
baggage.put(key, decodedValue, baggageEntryMetadata);
}
}

@Nullable
private static String decodeValue(@Nullable String value) {
if (value == null) {
return null;
}
try {
return URLDecoder.decode(value, StandardCharsets.UTF_8.name());
} catch (UnsupportedEncodingException e) {
return null;
}
}

Expand Down
Loading

0 comments on commit 69d26c1

Please sign in to comment.