From 1156346dc243dc46bcc7c78a64454ff4bae7ddc5 Mon Sep 17 00:00:00 2001
From: imacdonn <iain.macdonnell@oracle.com>
Date: Thu, 1 Nov 2018 21:36:11 +0000
Subject: Don't quote colon in HTTP headers

Since the introduction of quoting of header content in
https://review.openstack.org/568698, the 'x-image-meta-location' header
has been broken, because urllib.quote() is really intended to be applied
to only the path section of a URL, but in this case, it gets applied to
the entire URL, and catches the colon that separates the scheme from the
remainder of the URL.

This change adds the colon to the list of characters that should not get
quoted. Since a colon can be directly represented in ASCII, this should
not invalidate the previous change.

Change-Id: I76a1c9a361b6c9f6eb95ae766b8c3bcf2267703a
Closes-Bug: #1788942
---
 glanceclient/common/http.py          | 6 +++++-
 glanceclient/tests/unit/test_http.py | 8 +++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/glanceclient/common/http.py b/glanceclient/common/http.py
index a5fb153..9ba806f 100644
--- a/glanceclient/common/http.py
+++ b/glanceclient/common/http.py
@@ -66,7 +66,11 @@ def encode_headers(headers):
     for h, v in headers.items():
         if v is not None:
             # if the item is token, do not quote '+' as well.
-            safe = '=+/' if h in TOKEN_HEADERS else '/'
+            # NOTE(imacdonn): urlparse.quote() is intended for quoting the
+            # path part of a URL, but headers like x-image-meta-location
+            # include an entire URL. We should avoid encoding the colon in
+            # this case (bug #1788942)
+            safe = '=+/' if h in TOKEN_HEADERS else '/:'
             if six.PY2:
                 # incoming items may be unicode, so get them into something
                 # the py2 version of urllib can handle before percent encoding
diff --git a/glanceclient/tests/unit/test_http.py b/glanceclient/tests/unit/test_http.py
index 6eee005..2f72b9a 100644
--- a/glanceclient/tests/unit/test_http.py
+++ b/glanceclient/tests/unit/test_http.py
@@ -216,7 +216,11 @@ class TestClient(testtools.TestCase):
 
     def test_headers_encoding(self):
         value = u'ni\xf1o'
-        headers = {"test": value, "none-val": None, "Name": "value"}
+        fake_location = b'http://web_server:80/images/fake.img'
+        headers = {"test": value,
+                   "none-val": None,
+                   "Name": "value",
+                   "x-image-meta-location": fake_location}
         encoded = http.encode_headers(headers)
         # Bug #1766235: According to RFC 8187, headers must be
         # encoded as 7-bit ASCII, so expect to see only displayable
@@ -225,6 +229,8 @@ class TestClient(testtools.TestCase):
         self.assertNotIn("none-val", encoded)
         self.assertNotIn(b"none-val", encoded)
         self.assertEqual(b"value", encoded[b"Name"])
+        # Bug #1788942: Colons in URL should not get percent-encoded
+        self.assertEqual(fake_location, encoded[b"x-image-meta-location"])
 
     @mock.patch('keystoneauth1.adapter.Adapter.request')
     def test_http_duplicate_content_type_headers(self, mock_ksarq):
-- 
cgit v1.2.1