-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use url.PathUnescape rather than url.QueryUnescape in baggage parsing #4667
Conversation
I believe this addresses the majority of the cases described in open-telemetry#3601 Golang's url.QueryUnescape will render url _path_ elements (e.g. /, +) as spaces: `foo+bar` is rendered as `foo bar`. Path elements are (as I read the spec) legal W3C baggage values, and replacing them with spaces fails the value validation regex. url.PathEscape allows path elements through unmolested. Signed-off-by: Nathan J. Mehl <n@oden.io>
Codecov Report
@@ Coverage Diff @@
## main #4667 +/- ##
=======================================
- Coverage 81.7% 81.7% -0.1%
=======================================
Files 225 225
Lines 18056 18056
=======================================
- Hits 14764 14762 -2
- Misses 2994 2996 +2
Partials 298 298
|
I do not have time review at this moment, but could you please also confront your changes with the following issues which seem to be related? |
Running into the same issue. Do we have an ETA on when this fix will be released? |
This doesn't fix problem with #4241 as I have checked here, because problem there is in In my opinion it would be best to address the bigger problem with baggage, which is demostrated in my example and best solution IMHO is described here |
@pellared those issues are all extremely long and most link to other issues. Respectfully, no: I am not going to trawl through all of the cases described across all of those tickets to determine if this PR applies. This PR fixes a specific bug (handling of @Lim3nius I agree that the path forward described by @yurishkuro would be the correct long-term plan. But he admits up front that this would be a breaking change and thus presumably fodder for a v2.0 release. I would like to not wait until then to fix this particular bug, which is actively breaking tracing in our organization. |
I agree here with @n-oden. This PR helps solve the immediate bug in correctly handling specific characters. The longer-term suggested fix from #3685 is larger, breaking change and hasn't been addressed in 6+ months. This PR provides a simpler, non-breaking solution that at least makes the root cause a little easier to deal with. Are there any specific concerns, or questions around this being reviewed? |
None that I am aware of. I will ask during SIG meeting to review it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Other than updating the PR number in the changelog, this looks good to me.
I confirmed this is the same behaviour other SDKs use to encode baggage values.
For example: Java SDK (uses custom parser, but does path escaping)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Initially, I was hesitant to approve this PR as I find it bug-prone and improper to use url.PathUnescape
for decoding and url.QueryEscape
for encoding.
However, I was playing with different unit test cases on your PR for about an half an hour and it produces better results than the current implementation.
Ideally we should have a dedicated decoding and encoding logic. But I am OK approving it as it is, because perfect is the enemy of good.
Please make sure to update the changelog and keep the PR up to date (or give the maintainers permission to update the branch).
address comments Co-authored-by: Robert Pająk <pellared@hotmail.com>
@pellared @MikeGoldsmith Updated the changelog and brought this up to date with the main branch -- should be good to go, thank you! |
So.... who merges this and what would be the expected ETA to getting it into a full release? |
This requires at least a second approval from an approver or maintainer. Please make sure to keep the PR up to date. Release would be probably in a matter of few weeks, but I cannot promise anything. |
@MikeGoldsmith can I trouble you for a second approval? :) |
@open-telemetry/go-approvers PTAL |
n.b. the failing coverage test appears to be an infra issue:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not an OTel Go approver, but I work with @MikeGoldsmith (who is on holiday until next week). He and I reviewed this PR together and I agree with the update for whatever a grey checkmark approval is worth!
I believe this addresses the majority of the cases described in #3601
Golang's url.QueryUnescape will render url path elements (e.g. /, +) as spaces:
foo+bar
is rendered asfoo bar
. Path elements are (as I read the spec) legal W3C baggage values, and replacing them with spaces fails the value validation regex.url.PathEscape allows path elements through unmolested.