fixup! Y client: Fix URI scheme to move credentials out of query

parse_qsl no longer treats ';' as valid query separator for security reason because most proxies did not do so and it was possible to poison proxy cache due to difference in query separator handling (see bugs.python.org/issue42967). To handle credentials we don't have any proxy here, and it is still perfectly valid to use ';' as credentials separator. -> Fix it with ';' -> '&' replace workaround, before feeding credentials string to parse_qsl. Amends: b9a42957.

fixup! Y client: Fix URI scheme to move credentials out of query
parse_qsl no longer treats ';' as valid query separator for security reason because most proxies did not do so and it was possible to poison proxy cache due to difference in query separator handling (see bugs.python.org/issue42967). To handle credentials we don't have any proxy here, and it is still perfectly valid to use ';' as credentials separator. -> Fix it with ';' -> '&' replace workaround, before feeding credentials string to parse_qsl. Amends: b9a42957.
cf685fb5 · Kirill Smelkov · b7a42db0 · cf685fb5
Commit cf685fb5 authored Sep 08, 2021 by Kirill Smelkov
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

neo/client/zodburi.py neo/client/zodburi.py +1 -0

No files found.
--- a/neo/client/zodburi.py
+++ b/neo/client/zodburi.py
@@ -84,6 +84,7 @@ def _resolve_uri(uri):
        if scheme != "neos":
            raise ValueError("invalid uri: %s : credentials can be specified only with neos:// scheme" % uri)
        # ca=ca.crt;cert=my.crt;key=my.key
+        cred = cred.replace(';', '&') # ; is no longer in default separators set bugs.python.org/issue42967
        for k, v in OrderedDict(parse_qsl(cred)).items():
            if k not in _credopts:
                raise ValueError("invalid uri: %s : unexpected credential %s" % (uri, k))