-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(ssurl): use percent_decode_str
for userinfo
encoded data
#985
Conversation
This is impossible. The userinfo has to be encoded with base64 url safe encoding, which is definitely don't have any You should make a PR to fix where the URL was generated. Follow the spec carefully: https://shadowsocks.org/guide/sip002.html |
@zonyitoo base64 may contain
|
You are messing up "base64" and "base64 url safe" encoding.
|
2nd edit: Now I'm confused: https://url.spec.whatwg.org/#userinfo-percent-encode-set |
Oh yes you are right.
I can't do that, I'm just trying to use outline keys and |
Well, the code in PR actually trying to decode the userinfo with percent encoding, so the actual example should be: On the other hand, is that what your original URL? @RAX7 , the |
No you should not do that. You may also need to check if there is any characters that are not in the valid base64 url safe character set and try to fix it to fulfill the specification requirement. You will never be able to compatible all kinds of errors, which is why we need a specification. But on the otherhand, I noticed that some base64 encoder, such as the one in Python ,will still add tailing |
https://github.com/Jigsaw-Code/outline-shadowsocksconfig/blob/master/src/shadowsocks_config.ts#L338 It seems they are indeed using string concatenation. You should also open an issue over there. |
const userInfo = Base64.encodeURI(`${method.data}:${password.data}`); const _mkUriSafe = (src: string) => src
.replace(/=/g, '').replace(/[+\/]/g, (m0) => m0 == '+' ? '-' : '_');
/**
* converts a UTF-8-encoded string to a Base64 string.
* @param {boolean} [urlsafe] if `true` make the result URL-safe
* @returns {string} Base64 string
*/
const encode = (src: string, urlsafe = false) => urlsafe
? _mkUriSafe(_encode(src))
: _encode(src);
/**
* converts a UTF-8-encoded string to URL-safe Base64 RFC4648 §5.
* @returns {string} Base64 string
*/
const encodeURI = (src: string) => encode(src, true); So the outline generated URL shouldn't contain any |
Interesting, the code in outline-server is Ok but the console is running a different code version. Please checkout the comments in the review, I am Ok to merge this PR if they are fixed. |
/cc @fortuna |
@zonyitoo, @database64128 I guess they using
Test cases fails on windows with:
|
Just ignore the Windows test case. |
Some URLs contain a base64 string with
=
char (e.g:ss://YWVzLTEyOC1nY206c2hhZG93c29ja3M=@1.2.3.4:8000#tag
) which breaks thessurl
tool.