Escape redis user and password (#1104)

* Escape redis user and password * Update CHANGELOG Co-authored-by: Paul Sanders <pau@ethyca.com>
ethyca · Aug 18, 2022 · 223a765 · 223a765
1 parent 81f8e0a
commit 223a765
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -34,6 +34,7 @@ The types of changes are:
 
 * HTTP headers are now preserved in requests generated from SaaS connector pagination [#1069](https://github.com/ethyca/fidesops/pull/1069)
 * Bump fideslib to fix issue where the authenticate button in the FastAPI docs did not work [#1092](https://github.com/ethyca/fidesops/pull/1092)
+* Escape the Redis user and password to make them URL friendly [#1104](https://github.com/ethyca/fidesops/pull/1104)
 * Reduced number of connections opened against app db during health checks [#1107](https://github.com/ethyca/fidesops/pull/1107)
 
 ### Changed

diff --git a/src/fidesops/ops/core/config.py b/src/fidesops/ops/core/config.py
@@ -3,6 +3,7 @@
 import logging
 import os
 from typing import Any, Dict, MutableMapping, Optional
+from urllib.parse import quote_plus
 
 import toml
 from fideslib.core.config import (
@@ -74,7 +75,7 @@ def assemble_connection_url(
             # If the whole URL is provided via the config, preference that
             return v
 
-        return f"redis://{values.get('user', '')}:{values['password']}@{values['host']}:{values['port']}/{values.get('db_index', '')}"
+        return f"redis://{quote_plus(values.get('user', ''))}:{quote_plus(values['password'])}@{values['host']}:{values['port']}/{values.get('db_index', '')}"
 
     class Config:
         env_prefix = "FIDESOPS__REDIS__"