-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Giving informative error messages for double slashes in API call URLs #1568
Giving informative error messages for double slashes in API call URLs #1568
Conversation
Can one of the admins verify this patch? |
✅ Gradle Wrapper Validation success e0dcddc381a7535319c5047a66f0f7bc4ad8b480 |
start gradle check |
❌ Gradle Precommit failure e0dcddc381a7535319c5047a66f0f7bc4ad8b480 |
❌ Gradle Check failure e0dcddc381a7535319c5047a66f0f7bc4ad8b480 |
❌ Gradle Check failure e0dcddc381a7535319c5047a66f0f7bc4ad8b480 |
✅ Gradle Wrapper Validation success bbba7db99fc2f4dc210f340b6e198df0011ef847 |
✅ Gradle Precommit success bbba7db99fc2f4dc210f340b6e198df0011ef847 |
❌ Gradle Check failure bbba7db99fc2f4dc210f340b6e198df0011ef847 |
start gradle check |
✅ Gradle Check success bbba7db99fc2f4dc210f340b6e198df0011ef847 |
@@ -107,22 +109,30 @@ public BytesRestResponse(RestChannel channel, Exception e) throws IOException { | |||
|
|||
public BytesRestResponse(RestChannel channel, RestStatus status, Exception e) throws IOException { | |||
ToXContent.Params params = paramsFromRequest(channel.request()); | |||
boolean doubleSlashPresent = checkForDoubleSlash(channel.request().rawPath()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The double slash check strikes me as a special case when it might be better to handle this more generally. It looks to me that the system correctly parsed the request and identified that the request specified the empty string as the index name. Where it went wrong is that it surfaced an "index out of bounds" failure as opposed to a more sensible parameter validation error (i.e. "No index name specified"). I'm concerned that this double slash check will have unexpected behavior, such as if there are cases where a double slash somewhere in the URL is either acceptable or at least innocuous and this change would be a backwards incompatible change in behavior. Can you fix this bug by doing more strict checks of the index name itself as opposed to looking for double slashes in the URL path?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's correct that checking double slash is not a good solution, because currently the REST APIs have got the leniency to allow double slash in URL.
However, after taking a deeper look at the error message. I don't think the system identified that the request contains an empty "index" name.
- There is no
PUT <index>/_cluster/health
API, and as the author of the issue said, adding a leading/
to any validPUT /_x/y
APIs will result that error message. - The error message only occurs using
curl
command, but will not occur when using the in Dashboards Console (https://www.elastic.co/guide/en/kibana/7.10/console-kibana.html) - Looks like the
string_index_out_of_bounds_exception
comes from Java (https://docs.oracle.com/javase/8/docs/api/java/lang/StringIndexOutOfBoundsException.html), and are parsed by OpenSearch to add the underscores (https://github.com/opensearch-project/OpenSearch/blob/1.1.0/server/src/main/java/org/opensearch/OpenSearchException.java#L688)
So I think we should find a better solution for this issue. 😁
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with the checking double slash as not being a good solution. Also, as the system does not identify the empty index name as well as the author opening the issue related to empty index or double slash, checking for it's value being null is the change, I have made. Correct me if I am wrong here.
✅ Gradle Wrapper Validation success aabf91b2ec379726b63f765d945d9a03e1c2d5c7 |
✅ Gradle Precommit success aabf91b2ec379726b63f765d945d9a03e1c2d5c7 |
✅ Gradle Check success aabf91b2ec379726b63f765d945d9a03e1c2d5c7 |
@@ -107,22 +110,30 @@ public BytesRestResponse(RestChannel channel, Exception e) throws IOException { | |||
|
|||
public BytesRestResponse(RestChannel channel, RestStatus status, Exception e) throws IOException { | |||
ToXContent.Params params = paramsFromRequest(channel.request()); | |||
boolean emptyIndex = checkForEmptyIndex(channel.request().params()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is quite the right place to be doing the empty index check because this class doesn't know anything about the specific operation that has happened so again there is risk that there are some operations where an empty index is okay and this would be a breaking change. Ideally the parameter validation should happen on the request path in a class that understands the operation being performed and can make assertions about what constitutes valid parameters for that operation. I'd suggest finding the exact spot where the index out of bounds error occurs and see if you can add the validation at or before that point on the request path. Another really good practice in a case like this is to start by writing a test that fails and then go implement the fix.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, as Tianli helpfully pointed out above, it may not have anything to do with an empty index parameter name, but the error message does suggest that somewhere we are attempting to do something like String.substring
on an empty string or otherwise failing while attempting to parse a string. If you can isolate the exact point where that is happening then it will probably be much easier to figure out the appropriate fix.
Changes related to Informative error messages.
✅ Gradle Wrapper Validation success d0a2c9a |
Spotless changes
✅ Gradle Wrapper Validation success 9f3a4f8 |
✅ Gradle Precommit success 9f3a4f8 |
start gradle check |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice job!
@@ -250,6 +250,13 @@ public static void validateIndexOrAliasName(String index, BiFunction<String, Str | |||
if (!Strings.validFileName(index)) { | |||
throw exceptionCtor.apply(index, "must not contain the following characters " + Strings.INVALID_FILENAME_CHARS); | |||
} | |||
if (index.isEmpty()) { | |||
logger.info(() -> new ParameterizedMessage("Empty Index, presence of double slash maybe?")); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need for the ParameterizedMessage here, you can just pass a string directly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will change that.
logger.info(() -> new ParameterizedMessage("Empty Index, presence of double slash maybe?")); | ||
throw exceptionCtor.apply( | ||
index, | ||
"reason: empty string is an invalid index name (do you have a double slash in the URL by accident?)" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Bit of a nitpick, but I'd match the style of the existing error messages and just say something like "must not be empty". The resulting error message will be "Invalid index name [], must not be empty"
which seems pretty concise and clear to me.
And while I realize the request specifically asked for it in the bug report, I'd avoid including the text about a double slash because it only makes sense if the user is interacting with this API directly via REST API. I suspect it is possible to pass an empty index name via other clients and mentioning something about a double slash in the error message may lead to more confusion.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It makes sense to have it about the empty index name rather than the double slashes.
The invalid/empty index name error is great. But it feels like we should be able to check for a double-slash and throw a specific message if this is a common-enough problem, rather than adding "maybe you have a // in the message. WDYT? Related, any reason why we shouldn't redirect |
I think the double slash might be limited to the REST API only, Correct me if I am wrong on that. So checking on the empty index name might be better. I agree on your point of adding specific message rather than "// message". |
✅ Gradle Wrapper Validation success 7d6fdbff0374fe28f5ffbf7ced5595dfb782901a |
✅ Gradle Precommit success 7d6fdbff0374fe28f5ffbf7ced5595dfb782901a |
✅ Gradle Check success 7d6fdbff0374fe28f5ffbf7ced5595dfb782901a |
@@ -250,6 +250,10 @@ public static void validateIndexOrAliasName(String index, BiFunction<String, Str | |||
if (!Strings.validFileName(index)) { | |||
throw exceptionCtor.apply(index, "must not contain the following characters " + Strings.INVALID_FILENAME_CHARS); | |||
} | |||
if (index.isEmpty()) { | |||
logger.info("Invalid Index Name [], must not be empty"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should probably omit the log statement. The other cases in this method do not log here. A misconfigured client could cause your log to grow to a huge size if you log every invalid request.
naming and message changes. Signed-off-by: Megha Sai Kavikondala <[email protected]>
Deleting the log message.
✅ Gradle Wrapper Validation success c5d588f |
✅ Gradle Precommit success c5d588f |
Backport to 1.x too please. |
Will do that. |
Does this still need to be backported? |
This has been backported. |
@meghasaik Can you please link the PR? |
This is the BackPort PR link: #1601 |
Signed-off-by: Megha Sai Kavikondala [email protected]
Changes made for giving more informative error messages.
Description
If a URL with an empty index name or having double slash is requested, a pretty random answer is given:
Thus, rather than giving a random answer, an informative error message is given:
Issues Resolved
[List any issues this PR will resolve]
#1499
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.