-
Notifications
You must be signed in to change notification settings - Fork 840
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Parsing env variable NO_PROXY #4703
Comments
@a-brunelliere-maif thank you for reaching out. The reason why we use '|' as separators is because it's the standard for Java System Properties - According to the Java SE 8 Networking Properties documentation:
We use the same '|' separator in the Environment Variable for consistency. I don't see this is mentioned in our Developer Guide, so it's an opportunity to improve it. Can you use '|' instead of a comma ',' in the environment variable? |
Hi @debora-ito , thanks for you your answer. You provide me the right documentation for the system property "http.nonProxyHosts" and we respect this format for it.
The amazon client s3 can retrieve the both values, except it use the "http.nonProxyHosts" format for the "NO_PROXY" variable |
It is also issue for us because we use another applications which are using NO_PROXY environment variable and they supports only I would say more "standardized" comma separated list so we cannot change it to pipes. So this issue is blocking us from upgrading from 2.20.x (which contains vulnerability in netty dependencies - CVE-2023-4586) to 2.21.x. |
Just to set expectations, we can't simply change the separator to ',' because this would break people already relying on '|'. A non-breaking solution will take a little more work. Community note: please vote by adding a 👍 reaction to the original issue to help us prioritize this request. @martinsefcik this should not block you from upgrading to 2.21.x, there was no change in behavior of the NO_PROXY environment variable from 2.20.x - meaning if you use comma separated list then NO_PROXY was not working on 2.2.0.x and it is still not working in 2.21.x. |
@debora-ito I have configured So I'm not sure what exactly is a problem, but it looks very related to this issue and initially I thought that you drop support for commas in |
@martinsefcik I see, that looks like a regression. Which HTTP client were you using with 2.20.x? Can you share a code sample I can use to reproduce? |
I think, there was a regression due to this PR : #4467 There was an add 6 weeks ago to use NO_PROXY (with the wrong format), this env variable wasn't used before by the client. |
Let's be clear: Parsing Here's my justification:
|
@a-brunelliere-maif , @martinsefcik @abatkin Appreciate your response and details provided to this issue. Thank you 👍 |
|
Describe the bug
Hi,
I don't know if the content of the NO_PROXY environment variable is actually described by a standard, but a pattern like this is quite common : "localhost, .example.com"
The code software.amazon.awssdk.utils.http.SdkHttpUtils.extractNonProxyHosts() code relies on a block of code that only expects a localhost|*.example.com format
Expected Behavior
Format like "localhost, .example.com" is allowed
Current Behavior
Format like "localhost, .example.com" is misinterpreted
Reproduction Steps
Create a client with env var NO_PROXY=localhost, .example.com
Possible Solution
No response
Additional Information/Context
No response
AWS Java SDK version used
2.21.22
JDK version used
11
Operating System and version
windows 11
The text was updated successfully, but these errors were encountered: