Skip to content

[BUG] [SecurityInsight@2022-10-01-preview] [ThreatIntelligence] the nextLink url is not encoded properly #31000

New issue
New issue
Open
Open
[BUG] [SecurityInsight@2022-10-01-preview] [ThreatIntelligence] the nextLink url is not encoded properly#31000

Description

@ziyeqf

ziyeqf
openedon Oct 14, 2024

API Spec link

azure-rest-api-specs/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-10-01-preview/ThreatIntelligence.json

Line 531 in 9ce76c4

"nextLink": {

API Spec version

2022-10-01-preview

Describe the bug

The nextLink property may contains #, not encoded. As the log in this issue(hashicorp/terraform-provider-azurerm#27086) shows

"nextLink": "https://management.azure.com/subscriptions/3f2e4d32-8e8d-46d6-82bc-5bb8d962328b/resourceGroups/alexott-fe-rg/providers/Microsoft.OperationalInsights/workspaces/sentinel-poc/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators?api-version=2022-10-01-preview\u0026$skipToken=[{\"compositeToken\":{\"token\":\"+RID:~wkAwAN9yJkCAgB8AAAAAAA==#RT:1#TRC:100#RTD:eXTCpa71Yy1sqZIRoXXABTMxMzUuMTkuMjhVMTo7NDM7MTgvMzc5OTU4M1sA#ISV:2#IEO:65567#QCF:8#FPC:AgF6fnoGAIEE/v9we3sCAABAfAIAAEB9AgAAQH4IAGFA/v4xQP8B\",\"range\":{\"min\":\"\",\"max\":\"FF\"}},\"resumeValues\":[\"2024-08-17T09:32:07.2688472Z\"],\"rid\":\"wkAwAN9yJkCAgB8AAAAAAA==\",\"skipCount\":0}]"

Per the RFC3986, # is a Reserved Characters, it should be percent-encoded.

the character # in the url leads to parsing failure, and causes bug on client side. Please encode it properly.

Expected behavior

The URl should be encoded properly like

https://management.azure.com/subscriptions/3f2e4d32-8e8d-46d6-82bc-5bb8d962328b/resourceGroups/alexott-fe-rg/providers/Microsoft.OperationalInsights/workspaces/sentinel-poc/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators?api-version=2022-10-01-preview\u0026$skipToken=%5B%7B%5C%22compositeToken%5C%22%3A%7B%5C%22token%5C%22%3A%5C%22%2BRID%3A~wkAwAN9yJkCAgB8AAAAAAA%3D%3D%23RT%3A1%23TRC%3A100%23RTD%3AeXTCpa71Yy1sqZIRoXXABTMxMzUuMTkuMjhVMTo7NDM7MTgvMzc5OTU4M1sA%23ISV%3A2%23IEO%3A65567%23QCF%3A8%23FPC%3AAgF6fnoGAIEE%2Fv9we3sCAABAfAIAAEB9AgAAQH4IAGFA%2Fv4xQP8B%5C%22%2C%5C%22range%5C%22%3A%7B%5C%22min%5C%22%3A%5C%22%5C%22%2C%5C%22max%5C%22%3A%5C%22FF%5C%22%7D%7D%2C%5C%22resumeValues%5C%22%3A%5B%5C%222024-08-17T09%3A32%3A07.2688472Z%5C%22%5D%2C%5C%22rid%5C%22%3A%5C%22wkAwAN9yJkCAgB8AAAAAAA%3D%3D%5C%22%2C%5C%22skipCount%5C%22%3A0%7D%5D

Actual behavior

the url is not encoded

Reproduction Steps

N/A

Environment

Azure Public

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

MgmtThis issue is related to a management-plane library.bugThis issue requires a change to an existing behavior in the product in order to be resolved.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions