WSGI doesn't support Absolute URL (HTTP/1 compat)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Object Storage (swift) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
When http request contains absolute URL rather than absolute PATH, swift returns 401 unauthorized Temp url Invalid in response.
I have looked at the swift implementation, and this specific code is causing the problem
<pre>
if env['REQUEST_
try:
except ValueError as v:
if ver == 'v1' and obj.strip('/'):
</pre>
In failure case,
<pre>
env['PATH_INFO'] = https:/
</pre>
In success case,
<pre>
env['PATH_INFO'] = /v1/AUTH_
</pre>
As per RFC https:/
I am facing this issue when I am accesing swift over https proxy. Where client passes the absolute URL in http request line.
summary: |
- Swift returns 401 unauthorized Invalid TempUrl on Absolute URL + WSGI doesn't support Absolute URL (HTTP/1 compat) |
wsgiref doesn't really say what should be done about absolute uri - open bug upstream with no obvious suggestion (beyond the obviou "fix PATH_INFO and keep full uri around somewhere").
I think this is another reason [1] we need to pass our own HTTPProtocol class to the eventlet WSGI server. Then I think fairly early we could call urlparse on PATH_INFO in the environ and put the relative bits in there.
To get started I ran this:
import socket
sock = socket.socket() connect( ('127.0. 0.1', 8080)) sendall( 'GET http:// localhost: 8080/auth/ v1.0 HTTP/1.1\r\n\r\n')
sock.
sock.
print sock.recv(100)
Plus a `print self.environ` in swob.Request. split_path.
1. lp bug #1467155 being another recent one that comes to mind.