```
java.net.URISyntaxException: Illegal character in path at index 11: /test(hello]
	at java.base/java.net.URI$Parser.fail(URI.java:2915)
	at java.base/java.net.URI$Parser.checkChars(URI.java:3086)
	at java.base/java.net.URI$Parser.parseHierarchical(URI.java:3168)
	at java.base/java.net.URI$Parser.parse(URI.java:3127)
	at java.base/java.net.URI.<init>(URI.java:600)
	at burp.Utility.signRequest(Utility.java:144)
	at burp.BurpExtender.processHttpMessage(BurpExtender.java:500)
	at burp.e0t.run(Unknown Source)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:834)
```
This should be improved in AWS Signer 2.0.0 in PR #30. The requests are now signed using the AWS Java SDK rather than a custom implementation of the SigV4 algorithm. The SDK handles URL-encoding for us as part of the signature process. After the request is signed, the extension extracts the URL-encoded, signed URL and uses that for the final request. This should ensure that when the user includes non-URL-encoded characters in the URL (path, query, etc) that the final request is sent as intended with proper encoding.
The `notUnicode` regex fails to match some characters (I've only so far noticed `[` and `]`) which then cause an exception when attempting to parse into a URI object: https://github.com/NetSPI/AWSSigner/blob/master/src/main/java/burp/Utility.java#L130-L144
Example stack trace below:
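The failure in this issue, and an allow-list alternative to a character-matching regex, as an added example that is not code from AWSSigner or the AWS SDK: every byte outside the RFC 3986 unreserved set is percent-encoded before the path reaches `java.net.URI`. The names `PathEncodingDemo`, `encodePath` and `parses` are hypothetical, and the input is assumed to be a raw path that contains no percent-escapes yet.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;

public class PathEncodingDemo {
    // RFC 3986 unreserved characters; everything else gets percent-encoded.
    private static boolean isUnreserved(int b) {
        return (b >= 'A' && b <= 'Z') || (b >= 'a' && b <= 'z')
                || (b >= '0' && b <= '9')
                || b == '-' || b == '_' || b == '.' || b == '~';
    }

    // Encode a raw (not yet encoded) path, keeping '/' as the segment separator.
    // Working on UTF-8 bytes means non-ASCII input is covered by the same rule.
    static String encodePath(String rawPath) {
        StringBuilder out = new StringBuilder();
        for (byte raw : rawPath.getBytes(StandardCharsets.UTF_8)) {
            int b = raw & 0xFF;
            if (b == '/' || isUnreserved(b)) {
                out.append((char) b);
            } else {
                out.append('%').append(String.format("%02X", b));
            }
        }
        return out.toString();
    }

    // Report whether java.net.URI accepts the string, printing the parser's reason if not.
    static boolean parses(String path) {
        try {
            new URI(path);
            return true;
        } catch (URISyntaxException e) {
            System.out.println("rejected: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) {
        String raw = "/test(hello]"; // path taken from the stack trace in this issue
        System.out.println("raw parses:     " + parses(raw));
        String encoded = encodePath(raw);
        System.out.println("encoded path:   " + encoded);
        System.out.println("encoded parses: " + parses(encoded));
    }
}
```

An allow-list fails closed: a character nobody anticipated is encoded rather than passed through to the URI parser, which is the gap a deny-style regex leaves open.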