search

Jaymon / dsnparse

Easily parse DSN urls (connection strings) in Python
MIT License
21 stars 8 forks source link

Decode url ecnoded characters in username and password #8

Closed hugochinchilla closed 1 year ago

hugochinchilla commented 2 years ago

As per RFC 1738

; URL schemeparts for ip based protocols:

ip-schemepart  = "//" login [ "/" urlpath ]

login          = [ user [ ":" password ] "@" ] hostport
hostport       = host [ ":" port ]
host           = hostname | hostnumber
hostname       = *[ domainlabel "." ] toplabel
domainlabel    = alphadigit | alphadigit *[ alphadigit | "-" ] alphadigit
toplabel       = alpha | alpha *[ alphadigit | "-" ] alphadigit
alphadigit     = alpha | digit
hostnumber     = digits "." digits "." digits "." digits
port           = digits
user           = *[ uchar | ";" | "?" | "&" | "=" ]
password       = *[ uchar | ";" | "?" | "&" | "=" ]
urlpath        = *xchar    ; depends on protocol see [section 3.1](https://datatracker.ietf.org/doc/html/rfc1738#section-3.1)

Where uchar is defined as 

reserved       = ";" | "/" | "?" | ":" | "@" | "&" | "="
hex            = digit | "A" | "B" | "C" | "D" | "E" | "F" |
                 "a" | "b" | "c" | "d" | "e" | "f"
escape         = "%" hex hex

unreserved     = alpha | digit | safe | extra
uchar          = unreserved | escape

A username or password with special characters ( ";" | "/" | "?" | ":" | "@" | "&" | "=") will have them encoded as the corresponding hex sequence escaped with a "%" character.

Currently urls with this kind of values are returned with escaped characters after parsing instead of showing the raw value. This pull request fixes this issue and adds the corresponding tests.

hugochinchilla commented 2 years ago

RFC3986 obsoletes RFC1738, I will need to read also that and see if I'm missing something

Jaymon commented 1 year ago

I merged this in as https://github.com/Jaymon/dsnparse/pull/12 to make sure you still got credit. I had gone in and refactored the parsing a few months ago and didn't see this PR (Github's notifications just aren't working well for me) so I didn't need the functionality but I made sure the tests work as expected.

Jaymon commented 1 year ago

bah! I squashed and merged out of habit and so it truncated your commit out of the official history. Sigh