fix(alias): reject malformed RC_HOST credentials #184
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 4ca6b0c6f2
Pull request overview
This PR tightens validation and improves user-facing error classification for RC_HOST_* environment aliases, ensuring malformed percent-encoding is rejected and that JSON error output correctly categorizes common validation messages as usage errors.
Changes:
- Add strict percent-triplet validation for env alias credentials before decoding, rejecting malformed `%..` sequences.
- Add unit + CLI integration tests to cover invalid percent-encoding and unsupported URL schemes, asserting credentials are not echoed.
- Broaden JSON error metadata inference to treat “must use” / “must include” validation messages as `usage_error`.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| `crates/core/src/alias.rs` | Adds strict percent-encoding validation for RC_HOST credentials and a unit test for malformed escapes. |
| `crates/cli/tests/env_alias.rs` | Adds integration tests ensuring malformed RC_HOST aliases fail without leaking credentials and are classified as usage errors. |
| `crates/cli/src/output/formatter.rs` | Expands heuristic classification so “must use/include” validation messages map to usage_error. |
73ccb48 to 326b46a
Related Issue(s)
None.
Problem Background and User Impact
Recent RC_HOST_* environment alias support lets users configure aliases without writing credentials to disk. The happy path was covered, but malformed environment alias values could still regress without a user-facing test. In particular, invalid percent escapes inside credentials were accepted as literal secret text, and some validation messages were classified as generic JSON errors instead of usage errors.
Root Cause Summary
The credential decoder delegated directly to urlencoding::decode, which tolerates malformed percent triplets such as %ZZ. The JSON error metadata inference also did not treat messages using “must use” or “must include” as usage errors.
Solution Overview
This PR adds strict percent-triplet validation before decoding RC_HOST credentials and keeps invalid credential values out of errors. It also broadens JSON error metadata inference for validation messages that say a value must use or include something. The CLI integration tests now cover malformed RC_HOST percent encoding and unsupported schemes while asserting credentials are not echoed.
Test Status
- `cargo test -p rc-core test_parse_rc_host_alias_rejects_invalid_percent_encoding --lib`
- `cargo test -p rustfs-cli --test env_alias`
- `cargo fmt --all --check`
- `git diff --check`
- `make pre-commit`
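The validate-then-decode order described under Solution Overview, as an added example that is not the code from this PR or from `crates/core/src/alias.rs`. It uses only the standard library in place of `urlencoding::decode`, and the names `CredentialError`, `validate_percent_triplets` and `decode_credential` are hypothetical.

```rust
/// Added example (hypothetical names). Errors carry no input text, so a secret cannot leak.
#[derive(Debug, PartialEq)]
pub enum CredentialError {
    MalformedPercentEncoding,
    InvalidUtf8,
}

/// Require every '%' to be followed by exactly two ASCII hex digits.
pub fn validate_percent_triplets(input: &str) -> Result<(), CredentialError> {
    let bytes = input.as_bytes();
    let mut i = 0;
    while i < bytes.len() {
        if bytes[i] != b'%' {
            i += 1;
            continue;
        }
        match bytes.get(i + 1..i + 3) {
            Some(h) if h[0].is_ascii_hexdigit() && h[1].is_ascii_hexdigit() => i += 3,
            _ => return Err(CredentialError::MalformedPercentEncoding),
        }
    }
    Ok(())
}

/// Validate first, then decode; the unwraps below are safe only because of that order.
pub fn decode_credential(input: &str) -> Result<String, CredentialError> {
    validate_percent_triplets(input)?;
    let bytes = input.as_bytes();
    let mut out = Vec::with_capacity(bytes.len());
    let mut i = 0;
    while i < bytes.len() {
        if bytes[i] == b'%' {
            let hex = std::str::from_utf8(&bytes[i + 1..i + 3]).unwrap();
            out.push(u8::from_str_radix(hex, 16).unwrap());
            i += 3;
        } else {
            out.push(bytes[i]);
            i += 1;
        }
    }
    String::from_utf8(out).map_err(|_| CredentialError::InvalidUtf8)
}

fn main() {
    // Constructed sample values, not real credentials; only the outcome is printed.
    for sample in ["p%40ss", "abc%ZZdef", "trailing%4", "%FF"] {
        println!("{:?}", decode_credential(sample).map(|_| "decoded"));
    }
}
```

A truncated escape at the end of the value (`trailing%4`) and a well-formed escape that decodes to invalid UTF-8 (`%FF`) are reported as separate error kinds, neither of which includes the credential.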