Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http.Service parseAddress Is the path of the beacon node intercepted, causing some nodes to be inaccessible? #173

Open
duktig666 opened this issue Nov 21, 2024 · 2 comments
Open

http.Service parseAddress Is the path of the beacon node intercepted, causing some nodes to be inaccessible? #173

duktig666 opened this issue Nov 21, 2024 · 2 comments

Comments

@duktig666
Copy link

go-eth2-client/http/service.go

Lines 397 to 426 in 951cf2c

func parseAddress(address string) (*url.URL, *url.URL, error) {
if !strings.HasPrefix(address, "http") {
address = fmt.Sprintf("http://%s", address)
}
base, err := url.Parse(address)
if err != nil {
return nil, nil, errors.Join(errors.New("invalid URL"), err)
}
// Remove any trailing slash from the path.
base.Path = strings.TrimSuffix(base.Path, "/")
// Attempt to mask any sensitive information in the URL, for logging purposes.
baseAddress := *base
if _, pwExists := baseAddress.User.Password(); pwExists {
// Mask the password.
user := baseAddress.User.Username()
baseAddress.User = url.UserPassword(user, "xxxxx")
}
if baseAddress.Path != "" {
// Mask the path.
baseAddress.Path = "xxxxx"
}
if baseAddress.RawQuery != "" {
// Mask all query values.
sensitiveRegex := regexp.MustCompile("=([^&]*)(&)?")
baseAddress.RawQuery = sensitiveRegex.ReplaceAllString(baseAddress.RawQuery, "=xxxxx$2")
}
return base, &baseAddress, nil
} 

        if baseAddress.Path != "" {
		// Mask the path.
		baseAddress.Path = "xxxxx"
	}

The above code intercepts the path configured beaconAddr, which makes some normal nodes inaccessible.

For example, the following nodes:

https://aaa.com/ethereum2/{token}

It is normal for paths to carry tokens, but such modifications invalidate them.
@Bez625
Copy link
Collaborator

Bez625 commented Nov 21, 2024

Hi @duktig666

I took a look at the code you mentioned and I think there is a slight misunderstanding in it's purpose. The function returns two variables; base and baseAddress. base is largely unmodified and is used to connect to the address supplied. As you point out, baseAddress is modified to mask any sensitive information, but should only be used for logs and monitoring purposes.

It might help if you can explain the issue you are seeing related to this? E.g. which URL are you trying to connect to and what is the error message you are getting? Feel free to share some logs (with sensitive information redacted of course).

@YFiN99
Copy link

YFiN99 commented Dec 28, 2024

gm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Bez625 @duktig666 @YFiN99