UI interprets URL-encoded secrets when accessing it #25905
Comments
|
@NoaFayn thank you for the issue. I'm trying to figure out the best way to approach a fix, and it might be helpful to understand what your workflow is for creating a directory with a URL encoded slash.
If number 3 is your workflow, can you help me understand why you'd want a directory name with a encoded slash? |
|
Hi @Monkeychip, your first guess is the correct one for my workflow. Its actually through the API that I'm creating the directory (but it shouldn't matter), and then I'm accessing it with the UI. We have a script creating secrets automatically (and each directory represents a "product" ID which happens to contain a "/" in it) and we use the UI to access them. |
|
Hi, I'm just curious if this was resolved. This one might be a similar issue, but it seems like it was fixed Or not? Referring to this comment? #23940 (comment) |
Describe the bug
When using the UI to navigate in the KV secrets, if a "directory" was URL-encoded with slashes, it will be interpreted as a path.
To Reproduce
Steps to reproduce the behavior:
secrets/test1%2ftest2/test3)secretstest1%2ftest2"directory" (which is correctly displayed in the UI), the UI interprets the %2f as a slash, and tries to display secrets insecrets/test1/test2/, which doesn't exist.Expected behavior
It is expected that when clicking on the "directory"
test1%2ftest2, the UI correctly handles the%2fas part of the name, and doesn't interpret it as a slash.Environment:
vault status): 1.15.6vault version): N/AAdditional context
Note that accessing a secret (instead of a "directory") containing
%2fworks as expected.The text was updated successfully, but these errors were encountered: