Matrix-Mirrors/pantalaimon
1
0
Fork 0
mirror of https://github.com/matrix-org/pantalaimon.git synced 2024-10-01 03:35:38 -04:00
Code Issues Packages Projects Releases Wiki Activity

pantalaimon: Forward raw path instead of quoting the decoded path

Browse Source 
If the original path had quoted slash characters (`%2F`), the code
decoded them and then left them unquoted, causing the forwarded request
to fail.

An example is trying to ban a user with a slash in their name using
Mjolnir, which PUTs a state event with `rule:<username>` in the URL.

Use the undecoded path to avoid this.
This commit is contained in:
Jan Alexander Steffens (heftig) 2021-08-26 20:29:53 +02:00
parent e3be7bee3b
commit 054a3bcb0b
No known key found for this signature in database
GPG Key ID: 3B94A80E50A477C7
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pantalaimon/daemon.py
View File

@ -482,9 +482,7 @@ class ProxyDaemon:
assert session
path = urllib.parse.quote(
request.path
) # re-encode path stuff like room aliases
path = request.raw_path
method = request.method
headers = CIMultiDict(request.headers)