Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update KibanaRequest to use the new WHATWG URL API #80713

Merged
merged 6 commits into from
Oct 29, 2020
Merged

Update KibanaRequest to use the new WHATWG URL API #80713

merged 6 commits into from
Oct 29, 2020

Conversation

watson
Copy link
Contributor

@watson watson commented Oct 15, 2020
edited
Loading

This PR is a prerequisite for upgrading to hapi v18.

The reason for this is that the new version of hapi uses the WHATWG URL format for its request.url property instead of the legacy url format.

Note to reviewers

The hack of using request._core.info.uri to build the new URL object, isn't needed once we upgrade to hapi v18, as this version of hapi already uses the WHATWG URL API. So instead of constructing the URL object once the KibanaRequest is instantiated, we simply copy it from the hapi request object.

Note to future self

If you remove the urlCopy hack in src/core/server/http/lifecycle/on_pre_routing.ts, you can reproduce the problem it's trying to fix by first performing the following cURL request:

curl \
  -X GET \
  -u elastic:changeme "localhost:5601/s/space_1/api/saved_objects/dashboard/cts_dashboard" \
  -H 'kbn-xsrf: true'

This will prime the process and put it in a state where the error will occur in the next request, which you perform with the following cURL request:

curl \
  -X GET \
  -u elastic:changeme "localhost:5601/api/saved_objects/dashboard/cts_dashboard" \
  -H 'kbn-xsrf: true'

The first cURL request will trigger the request.setUrl line in src/core/server/http/lifecycle/on_pre_routing.ts, which will screw up the internal object holding the routing table in such a way that the call router used by hapi can't find the saved_objects segment under api and will make the request fall through to the catch-all route.

The only thing needed from this PR to trigger the bug, is the following in src/core/server/http/router/request.ts:

-    this.url = request.url;
+    this.url = new URL(request.url.href!, request._core.info.uri);

@watson watson added v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.11.0 labels Oct 15, 2020
@watson watson self-assigned this Oct 15, 2020
@watson watson force-pushed the whatwg-url branch 14 times, most recently from 3f0085c to 6aa7526 Compare October 20, 2020 12:22
@watson watson marked this pull request as ready for review October 26, 2020 20:50
@watson watson requested review from a team October 26, 2020 20:50
@watson watson requested review from a team as code owners October 26, 2020 20:50
@botelastic botelastic bot added the Team:Fleet Team label for Observability Data Collection Fleet team label Oct 26, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/ingest-management (Team:Ingest Management)

nchaulet
nchaulet approved these changes Oct 26, 2020
View reviewed changes
Copy link
Member

@nchaulet nchaulet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ingest manager changes 🚀

@watson
Remove unneeded request.url mock from enterprise search tests
7cb51c2 
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
@watson watson mentioned this pull request Oct 27, 2020
Merged
mshustov
mshustov reviewed Oct 27, 2020
View reviewed changes
src/core/server/http/lifecycle/on_pre_routing.ts
//
// The details can be seen in this discussion on Twitter:
// https://twitter.com/wa7son/status/1319992632366518277
let urlCopy = '';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm glad I didn't have to debug this 😄

gmmorris
gmmorris approved these changes Oct 28, 2020
View reviewed changes
Copy link
Contributor

@gmmorris gmmorris left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM for Alerts, TaskManager & EventLog 👍

@azasypkin
Copy link
Member

ACK: will review the security team related changes today or tomorrow morning at the latest.

@azasypkin azasypkin self-requested a review October 28, 2020 10:46
thomheymann
thomheymann approved these changes Oct 28, 2020
View reviewed changes
Copy link
Contributor

@thomheymann thomheymann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

jgowdyelastic
jgowdyelastic approved these changes Oct 28, 2020
View reviewed changes
Copy link
Member

@jgowdyelastic jgowdyelastic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ML changes LGTM

thomheymann
thomheymann approved these changes Oct 28, 2020
View reviewed changes
Copy link
Contributor

@thomheymann thomheymann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome, looks good!

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

azasypkin
azasypkin approved these changes Oct 29, 2020
View reviewed changes
Copy link
Member

@azasypkin azasypkin left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security/Spaces changes LGTM, thanks!

@watson watson merged commit 1407f71 into elastic:master Oct 29, 2020
@watson watson deleted the whatwg-url branch October 29, 2020 13:35
@watson watson mentioned this pull request Oct 29, 2020
Merged
watson added a commit that referenced this pull request Oct 29, 2020
@watson
[7.x] Update KibanaRequest to use the new WHATWG URL API (#80713) (#8…
20276bd 
…2014)
@mshustov mshustov mentioned this pull request Jun 11, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mshustov mshustov mshustov approved these changes

@thomheymann thomheymann thomheymann approved these changes

@gmmorris gmmorris gmmorris approved these changes

@cee-chen cee-chen cee-chen approved these changes

@nchaulet nchaulet nchaulet approved these changes

@azasypkin azasypkin azasypkin approved these changes

@jgowdyelastic jgowdyelastic jgowdyelastic approved these changes

Assignees

@watson watson

Labels
release_note:skip Skip the PR/issue when compiling release notes Team:Fleet Team label for Observability Data Collection Fleet team v7.11.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
10 participants
@watson @elasticmachine @azasypkin @kibanamachine @thomheymann @gmmorris @cee-chen @nchaulet @mshustov @jgowdyelastic