如何在 WSO2 EI 上的 HTTP 请求中转义 URL 不安全字符

Question

Is it possible to escape unsafe URL characters in WSO2? For example if WSO2 is receiving a request with a request URL https://example.com/something?token=...&imageFormat=image/png . The slash "/" symbol in the query parameters is not safe, but I don't care, I just want to proxy this request to another server, but WSO2 returns a Error 404--Not Found , probably because the slash in the query parameters confused it.

However the request is rejected far before any mediator processing takes place, so I can't do anything about it. Is there any way to escape incoming request URL's?

Answer 1

I don't think it's the query param that's causing the issue. Generally whatever is after the ? is ignored for context matching. I tried this with a simple API and it worked without any issues. See the sample below.

API

<?xml version="1.0" encoding="UTF-8"?>
<api context="/sample" name="Sample" xmlns="http://ws.apache.org/ns/synapse">
    <resource methods="GET">
        <inSequence>
            <property action="remove" name="TRANSPORT_HEADERS" scope="axis2"/>
            <payloadFactory media-type="xml">
                <format>
                    <msg xmlns="">Hello</msg>
                </format>
                <args/>
            </payloadFactory>
            <property name="messageType" scope="axis2" type="STRING" value="application/json"/>
            <respond/>
        </inSequence>
        <outSequence/>
        <faultSequence/>
    </resource>
</api>

WireLog

HTTP-Listener I/O dispatcher-5 >> "GET /sample?token=12345&imageFormat=image/png HTTP/1.1[\r][\n]"
HTTP-Listener I/O dispatcher-5 >> "User-Agent: PostmanRuntime/7.29.0[\r][\n]"
HTTP-Listener I/O dispatcher-5 >> "Accept: */*[\r][\n]"
HTTP-Listener I/O dispatcher-5 >> "Postman-Token: f5e87376-f8b1-4722-b068-6513314de9ab[\r][\n]"
HTTP-Listener I/O dispatcher-5 >> "Host: localhost:8280[\r][\n]"
HTTP-Listener I/O dispatcher-5 >> "Accept-Encoding: gzip, deflate, br[\r][\n]"
HTTP-Listener I/O dispatcher-5 >> "Connection: keep-alive[\r][\n]"
HTTP-Listener I/O dispatcher-5 >> "[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "HTTP/1.1 200 OK[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "Content-Type: application/json; charset=UTF-8[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "Date: Tue, 30 Aug 2022 13:00:01 GMT[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "Transfer-Encoding: chunked[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "Connection: keep-alive[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "f[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "{"msg":"Hello"}[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "0[\r][\n]"
HTTP-Listener I/O dispatcher-5 << "[\r][\n]"

As you can see above I'm doing the following call and it works as expected.

curl 'http://localhost:8280/sample?token=12345&imageFormat=image/png'

Workaround

If you are sure that the error is caused by the slash in the query param, here is a workaround. All the service calls that are not matched will be dispatched to the default main sequence. You can find this sequence by navigating to <EI_HOME>/repository/deployment/server/synapse-configs/default/sequences or going to Sequences section from the carbon console. In your main sequence, you can add some logic like the below, to check if this is your API that's failing and route everything to a different sequence or you can even invoke the original API after doing URL encoding from the main sequence. In the below example the root context of my API is Sample .

<filter regex="true" source="starts-with(get-property('To'), '/sample')" xmlns:ns="http://org.apache.synapse/xsd">
    <then>
        <log>
            <property name="msg" value="Weird API Matched ~~~~~~Do your stuff here or invoke another sequence~~~~~~~"/>
        </log>
        <sequence key="Seq"/>
    </then>
    <else>
        <log>
            <property name="msg" value="No Match ~~~~~~~~~~~~~~~~~"/>
        </log>
    </else>
</filter>