Date: Wed, 9 Nov 2011 10:23:51 +0000 (UTC)
From: "Klaus Trainer (Commented) (JIRA)"
To: dev@couchdb.apache.org
Reply-To: dev@couchdb.apache.org
Message-ID: <689058960.13754.1320834232001.JavaMail.tomcat@hel.zones.apache.org>
In-Reply-To: <659274089.31752.1319813612868.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Commented] (COUCHDB-1321) Vars in Rewrite rules break OAuth authentication

[
https://issues.apache.org/jira/browse/COUCHDB-1321?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13146915#comment-13146915 ]

Klaus Trainer commented on COUCHDB-1321:
----------------------------------------

> This looks like it will fix this issue and COUCHDB-1320.

Yeah, by introducing x-couchdb-requested-path and not relying on x-couchdb-vhost-path, it should provide a fix for both the rewrite and the vhost issue.

> Does introducing x-couchdb-requested-path mean that there is no need for the vhost code to create x-couchdb-vhost-path?

No, I don't think so, as x-couchdb-vhost-path is used in src/couchdb/couch_httpd.erl and x-couchdb-requested-path will only be set when a request is rewritten. Accordingly, x-couchdb-vhost-path will only be set when there's a request to a vhost. Therefore, you can't replace one with the other.

> Vars in Rewrite rules break OAuth authentication
> ------------------------------------------------
>
>                 Key: COUCHDB-1321
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1321
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>   Affects Versions: 1.1
>         Environment: Ubuntu
>            Reporter: Martin Higham
>            Priority: Minor
>         Attachments: 0001-Fix-OAuth-that-broke-with-parameters-in-rewrites.patch
>
>
> When a rewrite rule containing a var (such as /:name/myfunction) matches an incoming request, then an additional query param gets created. Unfortunately, this new query param gets included in the Signature Base String when the OAuth code generates its version of the request signature to validate the incoming request, causing authentication to fail.
> To fix this isn't straightforward. When a VHost is configured there is a handy copy of the original URL in (x-couchdb-vhost-path) that can be used to generate the Signature Base String; unfortunately, if there isn't a VHost, no such copy exists.

--
This message is automatically generated by JIRA.
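The failure described in the issue, and the effect of verifying against the originally requested path, shown as an added example (Python for illustration; this is not code from the issue, the attached patch, or CouchDB, which is written in Erlang). The request model, the sample credentials and the assumption that x-couchdb-requested-path holds the path and query exactly as the client sent them are all constructed for this sketch.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qsl, quote, urlsplit

def pct(s):
    # RFC 5849 section 3.6 encoding: only unreserved characters stay literal
    return quote(s, safe="-._~")

def base_string(method, url, oauth_params):
    # Signature Base String (RFC 5849 section 3.4.1): method, base URI, sorted params
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True) + list(oauth_params.items())
    normalized = "&".join(f"{k}={v}" for k, v in sorted((pct(k), pct(v)) for k, v in params))
    base_uri = f"{parts.scheme}://{parts.netloc}{parts.path}"
    return "&".join([method.upper(), pct(base_uri), pct(normalized)])

def sign(method, url, oauth_params, consumer_secret, token_secret):
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, base_string(method, url, oauth_params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def verify(req, consumer_secret, token_secret, use_requested_path):
    # req models the request as the OAuth handler sees it after the rewriter ran
    target = req["path_and_query"]
    if use_requested_path:
        # Assumption: the header carries the path and query exactly as the client sent them
        target = req["headers"].get("x-couchdb-requested-path", target)
    expected = sign(req["method"], req["origin"] + target, req["oauth"],
                    consumer_secret, token_secret)
    return hmac.compare_digest(expected, req["signature"])

def demo():
    # Constructed sample values; none come from the issue
    oauth = {"oauth_consumer_key": "ck", "oauth_token": "tk",
             "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": "1320834231",
             "oauth_nonce": "n0nce", "oauth_version": "1.0"}
    origin, sent = "http://db.example:5984", "/alice/myfunction"
    signature = sign("GET", origin + sent, oauth, "csecret", "tsecret")
    # Simplified post-rewrite view: the :name var in /:name/myfunction became name=alice
    req = {"method": "GET", "origin": origin, "oauth": oauth, "signature": signature,
           "path_and_query": sent + "?name=alice",
           "headers": {"x-couchdb-requested-path": sent}}
    return (verify(req, "csecret", "tsecret", use_requested_path=False),
            verify(req, "csecret", "tsecret", use_requested_path=True))

if __name__ == "__main__":
    print(demo())  # (False, True)
```

The model isolates the cause named in the issue (the extra query parameter) and leaves the rewritten target path out of the picture.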