From 104d20ef186a9bd48013ceb1fc80e3944738f185 Mon Sep 17 00:00:00 2001 From: David Leifker Date: Tue, 11 Feb 2025 18:23:10 -0600 Subject: [PATCH] fix(url-encoding): fix regression in url encodingg workaround: https://github.com/jetty/jetty.project/issues/11890 --- docs/how/updating-datahub.md | 4 + .../linkedin/gms/CommonApplicationConfig.java | 17 ++++ smoke-test/tests/openapi/v3/entities.json | 98 +++++++++++++++++++ 3 files changed, 119 insertions(+) diff --git a/docs/how/updating-datahub.md b/docs/how/updating-datahub.md index a21e7b6734be96..71c10d39f03373 100644 --- a/docs/how/updating-datahub.md +++ b/docs/how/updating-datahub.md @@ -22,6 +22,10 @@ This file documents any backwards-incompatible changes in DataHub and assists pe - #12408: The `platform` field in the DataPlatformInstance GraphQL type is removed. Clients need to retrieve the platform via the optional `dataPlatformInstance` field. +### Known Issues + +- #12601: Jetty 12 introduces a stricter handling of url encoding. We are currently applying a workaround to prevent a regression, while technically breaking the official specifications. + ### Potential Downtime ### Deprecations diff --git a/metadata-service/war/src/main/java/com/linkedin/gms/CommonApplicationConfig.java b/metadata-service/war/src/main/java/com/linkedin/gms/CommonApplicationConfig.java index face0cc859536d..4f0cf00891391e 100644 --- a/metadata-service/war/src/main/java/com/linkedin/gms/CommonApplicationConfig.java +++ b/metadata-service/war/src/main/java/com/linkedin/gms/CommonApplicationConfig.java @@ -2,7 +2,10 @@ import com.linkedin.metadata.spring.YamlPropertySourceFactory; import java.lang.management.ManagementFactory; +import java.util.Set; import javax.management.MBeanServer; +import org.eclipse.jetty.ee10.servlet.ServletHandler; +import org.eclipse.jetty.http.UriCompliance; import org.eclipse.jetty.jmx.MBeanContainer; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.HttpConfiguration; @@ -65,13 +68,27 @@ public class CommonApplicationConfig { @Bean public WebServerFactoryCustomizer jettyCustomizer() { return factory -> { + // Configure HTTP factory.addServerCustomizers( server -> { + // HTTP Configuration HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setRequestHeaderSize(32768); + // See https://github.com/jetty/jetty.project/issues/11890 + // Configure URI compliance to allow encoded slashes + httpConfig.setUriCompliance( + UriCompliance.from( + Set.of( + UriCompliance.Violation.AMBIGUOUS_PATH_SEPARATOR, + UriCompliance.Violation.AMBIGUOUS_PATH_ENCODING))); + // set this for Servlet 6+ + server + .getContainedBeans(ServletHandler.class) + .forEach(handler -> handler.setDecodeAmbiguousURIs(true)); + // HTTP Connector ServerConnector connector = new ServerConnector(server, new HttpConnectionFactory(httpConfig)); diff --git a/smoke-test/tests/openapi/v3/entities.json b/smoke-test/tests/openapi/v3/entities.json index 079174fd78bcab..18194d3028a31a 100644 --- a/smoke-test/tests/openapi/v3/entities.json +++ b/smoke-test/tests/openapi/v3/entities.json @@ -20,6 +20,13 @@ "method": "delete" } }, + { + "request": { + "url": "/openapi/v3/entity/dataset/urn%3Ali%3Adataset%3A%28urn%3Ali%3AdataPlatform%3Atest%2Cdataset%2FEntityV3%2CPROD%29", + "description": "Remove test dataset with %2F", + "method": "delete" + } + }, { "request": { "url": "/openapi/v3/entity/dataset", @@ -156,5 +163,96 @@ ] } } + }, + { + "request": { + "url": "/openapi/v3/entity/dataset", + "params": { + "async": "false" + }, + "description": "Create dataset with %2F", + "json": [ + { + "urn": "urn:li:dataset:(urn:li:dataPlatform:test,dataset/EntityV3,PROD)", + "datasetProperties": { + "value": { + "name": "dataset/EntityV3", + "qualifiedName": "entities.dataset/EntityV3", + "customProperties": {}, + "tags": [] + } + }, + "status": { + "value": { + "removed": false + } + } + } + ] + } + }, + { + "request": { + "url": "/openapi/v3/entity/dataset/urn%3Ali%3Adataset%3A%28urn%3Ali%3AdataPlatform%3Atest%2Cdataset%2FEntityV3%2CPROD%29", + "method": "get", + "description": "Get dataset with %2F", + "json": [ + { + "urn": "urn:li:dataset:(urn:li:dataPlatform:test,dataset/EntityV3,PROD)", + "datasetProperties": { + "value": { + "name": "dataset/EntityV3", + "qualifiedName": "entities.dataset/EntityV3", + "customProperties": {}, + "tags": [] + } + }, + "status": { + "value": { + "removed": false + } + } + } + ] + }, + "response": { + "json": { + "urn": "urn:li:dataset:(urn:li:dataPlatform:test,dataset/EntityV3,PROD)", + "browsePathsV2": { + "value": { + "path": [ + { + "id": "Default" + } + ] + } + }, + "datasetKey": { + "value": { + "name": "dataset/EntityV3", + "platform": "urn:li:dataPlatform:test", + "origin": "PROD" + } + }, + "dataPlatformInstance": { + "value": { + "platform": "urn:li:dataPlatform:test" + } + }, + "datasetProperties": { + "value": { + "name": "dataset/EntityV3", + "customProperties": {}, + "qualifiedName": "entities.dataset/EntityV3", + "tags": [] + } + }, + "status": { + "value": { + "removed": false + } + } + } + } } ] \ No newline at end of file