[jdk11u-dev] RFR: 8245245: WebSocket can lose the URL encoding of URI query parameters [v3]
Goetz Lindenmaier
goetz at openjdk.org
Thu Dec 22 09:26:03 UTC 2022
On Wed, 21 Dec 2022 10:05:48 GMT, Michal Karm Babacek <duke at openjdk.org> wrote:
>>> For JDK20, you can use the "/backport jdk20" comment on the commit in head.
>>
>> I think that's only available for committers. Just FYI.
>
> Hello, @jerboaa, This is the JBS text proposal, formatted for JIRA:
>
>
>
> I would like [JDK-8245245|https://bugs.openjdk.org/browse/JDK-8245245] to get backported to JDK 11
> so as more libraries can start using JDK's own WebSocket client instead of depending
> on other implementations.
>
> For instance, [Fabric8 Kubernetes client|https://github.com/fabric8io/kubernetes-client/blob/master/httpclient-jdk/README.md#jdk-client-for-fabric8]
> has this very issue with JDK's WebSocket client and it uses OkHttp3 or Vert.x implementations instead.
>
> I used these [JBang|https://www.jbang.dev/] scripts to briefly showcase that both Vert.x and OkHttp3 implementations
> are fine running on JDK 11 and JDK 11's WebSocket client needs fixing: (It uses Undertow as the server)
>
> [JDKClient.java|https://gist.github.com/Karm/58959f7bc1d3ef675eecd1e12e56094c]
> [OKHttp3Client.java|https://gist.github.com/Karm/6ed845a22a8b8331f95292bb992ee7e0]
> [VertXClient.java|https://gist.github.com/Karm/a04a778f352e8d29667eb38a219d4e4b]
>
> {code}
> $ java --version
> openjdk 11.0.17 2022-10-18
>
> $ ./JDKClient.java
> [jbang] Building jar...
> The query string was: &raw=abc+def/ghi=xyz&encoded=abc+def/ghi=xyz
>
> $ ./OKHttp3Client.java
> [jbang] Building jar...
> The query string was: raw=abc+def/ghi=xyz&encoded=abc%2Bdef%2Fghi%3Dxyz
>
> $ ./VertXClient.java
> [jbang] Building jar...
> The query string was: raw=abc+def/ghi=xyz&encoded=abc%2Bdef%2Fghi%3Dxyz
> {code}
>
> Patched, see the JDK client fixed:
> {code}
> $ java --version
> openjdk 11.0.255-internal 2023-01-17
>
> $ ./JDKClient.java
> The query string was: &raw=abc+def/ghi=xyz&encoded=abc%2Bdef%2Fghi%3Dxyz
>
> $ ./OKHttp3Client.java
> The query string was: raw=abc+def/ghi=xyz&encoded=abc%2Bdef%2Fghi%3Dxyz
>
> $ ./VertXClient.java
> The query string was: raw=abc+def/ghi=xyz&encoded=abc%2Bdef%2Fghi%3Dxyz
> {code}
>
> Thanks
> K.
>
>
> Edit, short version:
>
> Fix Request
> Approve backporting JDK-8245245 to 11u. It fixes a WebSocket client related query param encoding issue and should be a low risk one.
> Testing: ran jdk_net tests without regressions. Patch doesn't apply clean as the test needed changing.
> Reviewed by Paul Hohensee <phh>, Daniel Fuchs <dfuchs>, Severin Gehwolf <sgehwolf>.
Hi @Karm,
I saw your JBS comment. Next time please reason why you consider the risk low.
Thanks.
-------------
PR: https://git.openjdk.org/jdk11u-dev/pull/1558
More information about the jdk-updates-dev
mailing list