Validation parameter_type.url regex doesn't pass validation for IPv6 addresses
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Matthew Edmonds | ||
Juno |
Fix Released
|
Medium
|
Brant Knudson |
Bug Description
Can't create an endpoint with an IPv6 address in the URL. E.g.:
[root@XXXXXXXX ~]# curl -k -i -X POST https:/
HTTP/1.1 400 Bad Request
Date: Mon, 27 Oct 2014 18:42:32 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: X-Auth-Token
Content-Length: 182
Connection: close
Content-Type: application/json
{"error": {"message": "Invalid input for field 'url'. The value is 'https://[fd55:faaf:
Changed in keystone: | |
assignee: | nobody → Matthew Edmonds (edmondsw) |
summary: |
- endpoint url validation fails for IPv6 addresses + Validation parameter_type.url regex doesn't pass validation for IPv6 + addresses with ports |
description: | updated |
summary: |
Validation parameter_type.url regex doesn't pass validation for IPv6 - addresses with ports + addresses |
tags: | added: juno-backport-potential |
tags: | removed: juno-backport-potential |
Changed in keystone: | |
importance: | Undecided → Medium |
Changed in keystone: | |
milestone: | none → kilo-1 |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | kilo-1 → 2015.1.0 |
Endpoint url validation is controlled by a regular expression [1]. We had the option to use the url validation FormatChecker object that was built into jsonschema but it relies on rfc3987 [2], which is GPL licensed. The rfc3987 library wasn't added to global requirements since it is GPL licensed [3]. Chances are the regex can be tweaked to allow for ipv6 addresses with ports.
[1] https:/ /github. com/openstack/ keystone/ blob/15a01f2918 b4822b3df660ca2 567ef398ed7d0a3 /keystone/ common/ validation/ parameter_ types.py# L53-L59 /pypi.python. org/pypi/ rfc3987 /review. openstack. org/#/c/ 98012/
[2] https:/
[3] https:/