[FEATURE REQ] azure.core.credential.AzureSasCredential
Sanitize SAS for URIs
#20561
Labels
Azure.Core
azure-core
Client
This issue points to a problem in the data-plane of the library.
Storage
Storage Service (Queues, Blobs, Files)
Milestone
Customers currently have a mechanism to get a SAS that doesn't properly encode some things in the signature. Notably, spaces in Storage's
si
parameter value. Storage has three APIs to ingest a SAS but only sanitizes those illegal characters for two of them. The third is AzureSasCredential, which leaves the illegal characters in and causes URISyntaxExceptions to be thrown in the web stack.AzureSasCredential should sanitize their inputs the same way Storage code currently does. It should support this on both construction and update.
While Storage code could conceivably do this sanitation upon receiving the credential, it cannot help the customer when they wish to rotate a SAS in said credential object. The problem is just put off until rotation rather than initial setup.
The text was updated successfully, but these errors were encountered: