Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Postgres password authentication issue when Postgres Password contains special characters again #16319

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
djmcgreal-cc opened this issue Jan 29, 2025 · 2 comments · Fixed by #16510
Closed

Postgres password authentication issue when Postgres Password contains special characters again #16319

djmcgreal-cc opened this issue Jan 29, 2025 · 2 comments · Fixed by #16510
Assignees
@mtojek
Labels
need-help Assign this label prompts an engineer to check the issue. Only humans may set this. s2 Broken use cases or features (with a workaround). Only humans may set this.

Comments

@djmcgreal-cc
Copy link

Like #15954, some special characters need to be encoded. Coder tries to do this but fails with a misleading error message when the password includes a '?' character. Instead of matching net/url: invalid userinfo, the error is invalid port "%s" after host.

URL encoding beforehand fixes this issue, but if coder wanted to continue to be helpful in this way it could conceivably try to handle this case too.
@matifali matifali added s2 Broken use cases or features (with a workaround). Only humans may set this. need-help Assign this label prompts an engineer to check the issue. Only humans may set this. labels Jan 29, 2025
@mtojek
Copy link
Member

mtojek commented Feb 6, 2025

@mafredri I'm wondering what is your advisory here. Should we encode the password if coder detects special chars or does it work as intended?

@mafredri
Copy link
Member

mafredri commented Feb 7, 2025

@mtojek It's mostly working as intended but we could definitely help the user more in this case. We can't really make it perfect, but the current error case handling looks like it could break on a few other special characters as well (like say, a hash symbol).

I'd say let's improve it 👍🏻, and at the very least document how to url encode your user/pass, which avoids problems entirely.

@mtojek mtojek self-assigned this Feb 10, 2025
@mtojek mtojek mentioned this issue Feb 10, 2025
Merged
mtojek added a commit that referenced this issue Feb 11, 2025
@mtojek
fix: escape special characters in postgres password (#16510)
72f6257 
Fixes: #16319

This PR modifies existing escaping logic for special characters in
Postgres password, so it does fail on edge cases like `#` or `$` when
parser recognizes as invalid port.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mtojek mtojek

Labels
need-help Assign this label prompts an engineer to check the issue. Only humans may set this. s2 Broken use cases or features (with a workaround). Only humans may set this.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: escape special characters in postgres password coder/coder
4 participants
@mafredri @matifali @mtojek @djmcgreal-cc