[Kimchi-devel] [PATCH] bug fix: Avoid equals sign in VM console URL

Aline Manera alinefm at linux.vnet.ibm.com
Mon Jul 28 12:28:03 UTC 2014 

On 07/28/2014 06:15 AM, Sheldon wrote:
> On 07/26/2014 05:01 AM, alinefm at linux.vnet.ibm.com wrote:
>> From: Aline Manera <alinefm at linux.vnet.ibm.com>
>>
>> >From python documentation, base64.urlsafe_b64encode(s) substitutes - 
>> instead
>> of + and _ instead of / in the standard Base64 alphabet, BUT the 
>> result can
>> still contain = which is not safe in a URL query component.
>> As token value is not decoded nowhere, replace = by A
>
> what about other character instead of A? such as "." or "~"
>
> This is the base64 alphabet:
> 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='
>
> "A" is in the alphabet.
>

Ok. I will use . to replace =

>
> or do not pad the encode string.
> some base64 variant has no pad character.
> http://en.wikipedia.org/wiki/Base64#Implementations_and_history
>

I think we can have problem in not using the pad if you have the same 
code string to different sentence
Example:

"abcd"  = "YWJjZA="
"jdcf" = "YWJjZA"

If we ignore the = in the first string we will have 2 matches to the 
different values.
Not sure it can happen in real world, but I think it is safe to use . 
instead of =

>
> Then in python, it can easy strip the "="
> In [21]: s1 = base64.urlsafe_b64encode("abcd")
> In [22]: s1.rstrip("=")
> Out[22]: 'YWJjZA'
>
> and In js add a funtion to
> $ git diff
> diff --git a/ui/js/src/kimchi.utils.js b/ui/js/src/kimchi.utils.js
> index 480b9b5..2d252a7 100644
> --- a/ui/js/src/kimchi.utils.js
> +++ b/ui/js/src/kimchi.utils.js
> @@ -191,3 +191,8 @@ kimchi.urlSafeB64Decode = function(str) {
> kimchi.urlSafeB64Encode = function(str) {
> return btoa(str).replace(/\+/g, '-').replace(/\//g, '_');
> }
> +
> +kimchi.padBase64 = function(str) {
> + padLen = str.length % 4;
> + return str + new Array(padLen? 4 - padLen + 1 : 0).join("=");
> +}
>
>
> Now test this method:
> in python:
> In [40]: base64.urlsafe_b64encode("abcd")
> Out[40]: 'YWJjZA=='
>
> In [41]: base64.urlsafe_b64encode("abcde")
> Out[41]: 'YWJjZGU='
>
> In UI:
> kimchi.padBase64("YWJjZA")
> "YWJjZA=="
>
> kimchi.padBase64("YWJjZGU")
> "YWJjZGU="
>
>
>>
>> The problem with equals sign was only identified on Spice connections.
>> noVNC can deal well with that.
>>
>> For reference: https://docs.python.org/2/library/base64.html
>>
>> Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
>> ---
>>   src/kimchi/vnc.py       |  9 ++++++++-
>>   ui/js/src/kimchi.api.js | 18 ++++++++++++++++--
>>   2 files changed, 24 insertions(+), 3 deletions(-)
>>
>> diff --git a/src/kimchi/vnc.py b/src/kimchi/vnc.py
>> index 9380e21..4159049 100644
>> --- a/src/kimchi/vnc.py
>> +++ b/src/kimchi/vnc.py
>> @@ -54,7 +54,14 @@ def new_ws_proxy():
>>
>>   def add_proxy_token(name, port):
>>       with open(os.path.join(WS_TOKENS_DIR, name), 'w') as f:
>> -        name = base64.urlsafe_b64encode(name)
>> +        """
>> +        From python documentation base64.urlsafe_b64encode(s)
>> +        substitutes - instead of + and _ instead of / in the
>> +        standard Base64 alphabet, BUT the result can still
>> +        contain = which is not safe in a URL query component.
>> +        As token value is not decoded nowhere, replace = by A
>> +        """
>> +        name = base64.urlsafe_b64encode(name).replace('=', 'A')
>>           f.write('%s: localhost:%s' % (name.encode('utf-8'), port))
>>
>>
>> diff --git a/ui/js/src/kimchi.api.js b/ui/js/src/kimchi.api.js
>> index 8f5b68f..30360c5 100644
>> --- a/ui/js/src/kimchi.api.js
>> +++ b/ui/js/src/kimchi.api.js
>> @@ -352,7 +352,14 @@ var kimchi = {
>>               }).done(function() {
>>                   url = 'https://' + location.hostname + ':' + 
>> proxy_port;
>>                   url += "/console.html?url=vnc_auto.html&port=" + 
>> proxy_port;
>> -                url += "&path=?token=" + kimchi.urlSafeB64Encode(vm);
>> +                /*
>> +                 * From python documentation 
>> base64.urlsafe_b64encode(s)
>> +                 * substitutes - instead of + and _ instead of / in the
>> +                 * standard Base64 alphabet, BUT the result can still
>> +                 * contain = which is not safe in a URL query 
>> component.
>> +                 * As token value is not decoded nowhere, replace = 
>> by A
>> +                 * */
>> +                url += "&path=?token=" + 
>> kimchi.urlSafeB64Encode(vm).replace(/=/g, 'A');
>>                   url += "&kimchi=" + location.port;
>>                   url += '&encrypt=1';
>>                   window.open(url);
>> @@ -377,7 +384,14 @@ var kimchi = {
>>                   url = 'https://' + location.hostname + ':' + 
>> proxy_port;
>>                   url += "/console.html?url=spice.html&port=" + 
>> proxy_port;
>>                   url += "&listen=" + location.hostname;
>> -                url += "&token=" + kimchi.urlSafeB64Encode(vm);
>> +                /*
>> +                 * From python documentation 
>> base64.urlsafe_b64encode(s)
>> +                 * substitutes - instead of + and _ instead of / in the
>> +                 * standard Base64 alphabet, BUT the result can still
>> +                 * contain = which is not safe in a URL query 
>> component.
>> +                 * As token value is not decoded nowhere, replace = 
>> by A
>> +                 * */
>> +                url += "&token=" + 
>> kimchi.urlSafeB64Encode(vm).replace(/=/g, 'A');
>>                   url += "&kimchi=" + location.port;
>>                   url += '&encrypt=1';
>>                   window.open(url);
>
>

More information about the Kimchi-devel mailing list