<html>
<head>
<meta content="text/html; charset=GB2312" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 07/29/2014 10:22 AM, Zheng Sheng ZS
Zhou wrote:<br>
</div>
<blockquote
cite="mid:OFA484BD05.A789300B-ON48257D24.000CD77B-48257D24.000D180D@cn.ibm.com"
type="cite">
<p><tt><font size="2">Sheldon <a class="moz-txt-link-rfc2396E" href="mailto:shaohef@linux.vnet.ibm.com"><shaohef@linux.vnet.ibm.com></a>
wrote 2014-07-28 17:23:21:<br>
<br>
> From: Sheldon <a class="moz-txt-link-rfc2396E" href="mailto:shaohef@linux.vnet.ibm.com"><shaohef@linux.vnet.ibm.com></a></font></tt><br>
<tt><font size="2">> To: <a class="moz-txt-link-abbreviated" href="mailto:alinefm@linux.vnet.ibm.com">alinefm@linux.vnet.ibm.com</a>, Kimchi
Devel <kimchi-<br>
> <a class="moz-txt-link-abbreviated" href="mailto:devel@ovirt.org">devel@ovirt.org</a>>, Zheng Sheng ZS
Zhou/China/IBM@IBMCN</font></tt><br>
<tt><font size="2">> Date: 2014-07-28 17:22</font></tt><br>
<tt><font size="2">> Subject: Re: [Kimchi-devel] [PATCH] bug
fix: Avoid equals sign in VM<br>
> console URL</font></tt><br>
<tt><font size="2">> <br>
> On 07/26/2014 05:01 AM, <a class="moz-txt-link-abbreviated" href="mailto:alinefm@linux.vnet.ibm.com">alinefm@linux.vnet.ibm.com</a>
wrote:<br>
> > From: Aline Manera
<a class="moz-txt-link-rfc2396E" href="mailto:alinefm@linux.vnet.ibm.com"><alinefm@linux.vnet.ibm.com></a><br>
> ><br>
> > >From python documentation,
base64.urlsafe_b64encode(s) <br>
> substitutes - instead<br>
> > of + and _ instead of / in the standard Base64
alphabet, BUT the result can<br>
> > still contain = which is not safe in a URL query
component.<br>
> > As token value is not decoded nowhere, replace =
by A<br>
> also in our kimchi I have try:<br>
> In [45]: base64.urlsafe_b64encode("abcd")<br>
> Out[45]: 'YWJjZA=='<br>
> In [41]: base64.urlsafe_b64encode("abcde")<br>
> Out[41]: 'YWJjZGU='<br>
> <br>
> <br>
> JS is very cool, it can decode base64 without "="
padding well<br>
> kimchi.urlSafeB64Decode("YWJjZA")<br>
> "abcd"<br>
> kimchi.urlSafeB64Decode("YWJjZGU")<br>
> "abcde"<br>
> <br>
> we just need in python:<br>
> In [48]: base64.urlsafe_b64encode("abcd").rstrip("=")<br>
> Out[48]: 'YWJjZA'<br>
> <br>
> </font></tt><br>
<br>
<tt><font size="2">A friendly remind: We have to make sure this
trick also works in IE and Chome.</font></tt><br>
</p>
</blockquote>
Try chrom can work. But No IE environment. <br>
<blockquote
cite="mid:OFA484BD05.A789300B-ON48257D24.000CD77B-48257D24.000D180D@cn.ibm.com"
type="cite">
<p>
<tt><font size="2"><br>
> > The problem with equals sign was only identified
on Spice connections.<br>
> > noVNC can deal well with that.<br>
> ><br>
> > For reference: <a moz-do-not-send="true"
href="https://docs.python.org/2/library/base64.html">https://docs.python.org/2/library/base64.html</a><br>
> ><br>
> > Signed-off-by: Aline Manera
<a class="moz-txt-link-rfc2396E" href="mailto:alinefm@linux.vnet.ibm.com"><alinefm@linux.vnet.ibm.com></a><br>
> > ---<br>
> > src/kimchi/vnc.py | 9 ++++++++-<br>
> > ui/js/src/kimchi.api.js | 18 ++++++++++++++++--<br>
> > 2 files changed, 24 insertions(+), 3
deletions(-)<br>
> ><br>
> > diff --git a/src/kimchi/vnc.py b/src/kimchi/vnc.py<br>
> > index 9380e21..4159049 100644<br>
> > --- a/src/kimchi/vnc.py<br>
> > +++ b/src/kimchi/vnc.py<br>
> > @@ -54,7 +54,14 @@ def new_ws_proxy():<br>
> ><br>
> > def add_proxy_token(name, port):<br>
> > with open(os.path.join(WS_TOKENS_DIR, name),
'w') as f:<br>
> > - name = base64.urlsafe_b64encode(name)<br>
> > + """<br>
> > + From python documentation
base64.urlsafe_b64encode(s)<br>
> > + substitutes - instead of + and _ instead
of / in the<br>
> > + standard Base64 alphabet, BUT the result
can still<br>
> > + contain = which is not safe in a URL
query component.<br>
> > + As token value is not decoded nowhere,
replace = by A<br>
> > + """<br>
> > + name =
base64.urlsafe_b64encode(name).replace('=', 'A')<br>
> > f.write('%s: localhost:%s' %
(name.encode('utf-8'), port))<br>
> ><br>
> ><br>
> > diff --git a/ui/js/src/kimchi.api.js
b/ui/js/src/kimchi.api.js<br>
> > index 8f5b68f..30360c5 100644<br>
> > --- a/ui/js/src/kimchi.api.js<br>
> > +++ b/ui/js/src/kimchi.api.js<br>
> > @@ -352,7 +352,14 @@ var kimchi = {<br>
> > }).done(function() {<br>
> > url = '<a class="moz-txt-link-freetext" href="https://">https://</a>' +
location.hostname + ':' + proxy_port;<br>
> > url +=
"/console.html?url=vnc_auto.html&port=" +<br>
> proxy_port;<br>
> > - url += "&path=?token=" +
kimchi.urlSafeB64Encode(vm);<br>
> > + /*<br>
> > + * From python documentation
base64.urlsafe_b64encode(s)<br>
> > + * substitutes - instead of + and
_ instead of / in the<br>
> > + * standard Base64 alphabet, BUT
the result can still<br>
> > + * contain = which is not safe in
a URL query component.<br>
> > + * As token value is not decoded
nowhere, replace = by A<br>
> > + * */<br>
> > + url += "&path=?token=" +
kimchi.urlSafeB64Encode<br>
> (vm).replace(/=/g, 'A');<br>
> > url += "&kimchi=" +
location.port;<br>
> > url += '&encrypt=1';<br>
> > window.open(url);<br>
> > @@ -377,7 +384,14 @@ var kimchi = {<br>
> > url = '<a class="moz-txt-link-freetext" href="https://">https://</a>' +
location.hostname + ':' + proxy_port;<br>
> > url +=
"/console.html?url=spice.html&port=" + proxy_port;<br>
> > url += "&listen=" +
location.hostname;<br>
> > - url += "&token=" +
kimchi.urlSafeB64Encode(vm);<br>
> > + /*<br>
> > + * From python documentation
base64.urlsafe_b64encode(s)<br>
> > + * substitutes - instead of + and
_ instead of / in the<br>
> > + * standard Base64 alphabet, BUT
the result can still<br>
> > + * contain = which is not safe in
a URL query component.<br>
> > + * As token value is not decoded
nowhere, replace = by A<br>
> > + * */<br>
> > + url += "&token=" +
kimchi.urlSafeB64Encode<br>
> (vm).replace(/=/g, 'A');<br>
> > url += "&kimchi=" +
location.port;<br>
> > url += '&encrypt=1';<br>
> > window.open(url);<br>
> <br>
> <br>
> -- <br>
> Thanks and best regards!<br>
> <br>
> Sheldon Feng(·λΙΩΊΟ)<a class="moz-txt-link-rfc2396E" href="mailto:shaohef@linux.vnet.ibm.com"><shaohef@linux.vnet.ibm.com></a><br>
> IBM Linux Technology Center<br>
> <br>
</font></tt>
</p>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Thanks and best regards!
Sheldon Feng(·λΙΩΊΟ)<a class="moz-txt-link-rfc2396E" href="mailto:shaohef@linux.vnet.ibm.com"><shaohef@linux.vnet.ibm.com></a>
IBM Linux Technology Center</pre>
</body>
</html>