robMate opened a new pull request, #24185: URL: https://github.com/apache/camel/pull/24185
# Description The Camel Milo client component previously embedded authentication credentials directly in the endpoint URI using the format user:password@host. To prevent Milo from receiving credentials (which it doesn't handle), the component used string manipulation with `discoveryUri.replaceFirst(user + "@", "")` to strip credentials from the URL before connection. This caused issues because the `replaceFirst()` function uses regex patterns that fail with regex special characters like "$.*", and passwords containing characters like "%" cause issues with `java.net.URLDecoder.decode()` due to percent-encoding in URLs. This approach has limitations: it fails when credentials contain special characters commonly found in auto-generated passwords, such as: @ (breaks URI parsing) ?, & (URI query parameter delimiters) /, # (URI structure delimiters) $, % (encoding/variable expansion) For example, a password like pass@$?&/#% would cause the discovery URI reconstruction to fail or produce incorrect results. # Target - [x] I checked that the commit is targeting the correct branch (Camel 4 uses the `main` branch) # Tracking - [x] If this is a large change, bug fix, or code improvement, I checked there is a [JIRA issue](https://issues.apache.org/jira/browse/CAMEL) filed for the change (usually before you start working on it). # Apache Camel coding standards and style - [x] I checked that each commit in the pull request has a meaningful subject line and body. - [x] I have run `mvn clean install -DskipTests` locally from root folder and I have committed all auto-generated changes. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
