Trying to invalidate an AWS cloudfront path that contains a tilde ~ character results in an invalid argument error. A tilde is a valid URL character, and invoking things like encodeURI or encodeURIComponent against strings that contain it do not encode it.
What I've tried
I've tried encoding the tile as %7E in the invalidation URL. This does not yield an invalid argument error, but it does not invalidate the path for the desired file either.
Temporary workaround
I've been able to work around this by finding the first index of ~, replacing it with a *, and chopping off the rest of the string afterward. This creates the needed invalidation, though not the desired invalidation, as it can also invalidate paths that may be optimized by remaining cached.
AWS Support says that this is an issue with invalidating paths that contain special characters, that they are aware of the issue, and are actively working toward a solution.
The reason that %7E doesn't work is because cloudfront caches it separately from the tilde.
Related
I'm trying to copy one file using puppet in windows.
Code is as below :-
file { 'D:\mycopy\folder\filename':
ensure => present,
mode => '0660',
source => "d:\temp\test.zip",
}
It is giving me below error
Cannot use opaque urls' file:\d: est\test.zip
I want to unzip also after copy. Thanks.
Puppet recognizes both backslashes (\) and forward slashes (/) as path separators in Windows file names. Although Windows shells want the former, the latter is a lot safer to use in Puppet manifests.
In this case, the two appearances of \t in your double-quoted path string will be interpreted as escape sequences representing the tab character. You could solve that issue in this case by doubling the backslashes, by switching to a single-quoted string, or by switching to forward slashes. As a matter of style, I would both switch to single quotes (because there are no variable interpolations or single quotes in the string content) and switch to forward slashes:
However, the actual diagnostic about opaque URLs is a clue to another issue: Puppet accepts URLs as values of File's source parameter, and it is interpreting your absolute filename as a URL with scheme 'd'. To work around this, you should express the source via a file: URL:
source => 'file://d:/temp/test.zip'
I have an application which correctly escapes slashes ("/) in file names to avoid path traversal attacks.
The secret file has this path:
/tmp/secret.txt
I want to access this file by uploading a file with a special crafted file name (something like \/tmp\/secret.txt)
Is there any alternative syntax without the slashes which I can use so that Linux will read this file?
(I'm aware of URL encoding but as the escaping is done in the backend this has no use for me.)
No. The / is not allowed in a filename, no matter if it's escaped as \/ or not.
It is one out of only two characters that are not allowed in filenames, the other being \0.
This means that you obviously could use _tmp_secret.txt or -tmp-secret.txt, or replace the / in the path with any other character that you wish, to create a filename with a path "encoded into it". But in doing so, you can not encode pathnames that includes the chosen delimiter character in one or several of its path components and expect to decode it into the original pathname.
This is, by the way, how OpenBSD's ports system encodes filenames for patches to software. In (for example) /usr/ports/shells/fish/patches we find files with names like
patch-share_tools_create_manpage_completions_py
which comes from the pathname of a particular file in the fish shell source distribution (probably share/tools/create_manpage_completions.py). These pathnames are however never parsed, and the encoding is only there to create unique and somewhat intelligible filenames for the patches themselves. The real paths are included in the patch files.
If I write:
res.status(200).download(p, 'he/lo/ldkaf/fd.mp3');
the download will show up as:
fd.mp3
currently the only workaround is turning all the slashes into spaces:
res.status(200).download(p, 'he/lo/ldkaf/fd.mp3'.split('/').join(' '));
But I'd like to keep the slashes. Is there a solution to this problem?
The second parameter to .download() is a filename only (no path) that should be offered as the default filename in the browser if/when the browser saves the file. Slashes are not allowed because they are not a legal character in a filename (since they are typically path separators) and any path suggested by a server would be ignored by a browser (as a security issue).
I have imported images to my own server. One of the many filenames has %20 in them, e.g. 50128%202789%20001V%20500.jpg. However the browser sees it as 50128 2789 001V 500.jpg, so it won't display the image.
What solution can I use, to display the image properly?
"%20" is a percent-encoding for a space, and has special meaning in a URL. Basically, you can't use spaces in a URI or URL, and have to replace them with a code to comply with the rules. Things that read URLs (the server for example) translate them back.
Unfortunately, that means if you have a filename containing this sequence, it will be mistaken for a percent-encoded space, as you're seeing.
The solution is to also percent-encode the '%'. The percent-encoding for a '%' character is "%25".
In your example, the name "50128%202789%20001V%20500.jpg" has to be encoded to "50128%25202789%2520001V%2520500.jpg" so that those '%' characters are not mistaken for spaces.
There are of course other things that get encoded. The rules are defined in the URI specification.
I tried to use:
dir('dirname\*')
and it did not work. It started to work after I started to use:
dir('dirname\m*')
Does anybody know why?
Matlab does understand wildcards *, but in the way you unluckiliy tried to adhere to Windows cmd path conventions, you entered the string \*, which is a literal asterisk (due to the escaping backslash).
A workaround, or the preferred way to specify paths on all platforms, is using a forward slash / as a directory seperator.
dir('dirname/*')
This also explains why adding the m after the backslash "fixed" the issue; the asterisk was no longer a literal asterisk, but allowed to be interpreted as a wildcard character.
EDIT: Documentation explicitely says the wildcard character is allowed and works as expected (see my explanation above).
Try to provide the full path, like dir('c:\dirname*.m'),
and make sure the folder 'dirname' exists.
What is your OS ? Here on Windows, the first line works well. However, the "*" is maybe considered by Matlab as a literal "*". What happens with dir('dirname/*') ?