Fix 31687 on netfx: escape Correlation-Context keys and values (dotnet/corefx#36203)

author Liudmila Molkova <lmolkova@microsoft.com>

Thu, 21 Mar 2019 17:19:26 +0000 (10:19 -0700)

committer Vance Morrison <vancem@microsoft.com>

Thu, 21 Mar 2019 17:19:26 +0000 (10:19 -0700)
author Liudmila Molkova <lmolkova@microsoft.com>
Thu, 21 Mar 2019 17:19:26 +0000 (10:19 -0700)
committer Vance Morrison <vancem@microsoft.com>
Thu, 21 Mar 2019 17:19:26 +0000 (10:19 -0700)
diff --git a/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs b/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs

index 3520b2e..ba2ba96 100644 (file)
--- a/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs
+++ b/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs
@@ -639,7 +639,7 @@ namespace System.Diagnostics
                              do
                              {
                                  KeyValuePair<string, string> item = e.Current;
-                                baggage.Append(item.Key).Append('=').Append(item.Value).Append(',');
+                                baggage.Append(WebUtility.UrlEncode(item.Key)).Append('=').Append(WebUtility.UrlEncode(item.Value)).Append(',');
                              }
                              while (e.MoveNext());
                              baggage.Remove(baggage.Length - 1, 1);
diff --git a/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs b/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs

index 48acf6b..83349b2 100644 (file)
--- a/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs
+++ b/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs
@@ -421,6 +421,37 @@ namespace System.Diagnostics.Tests
              parentActivity.Stop();
          }
  
+
+        [OuterLoop]
+        [Fact]
+        public async Task TestInvalidBaggage()
+        {
+            var parentActivity = new Activity("parent")
+                .AddBaggage("key", "value")
+                .AddBaggage("bad/key", "value")
+                .AddBaggage("goodkey", "bad/value")
+                .Start();
+            using (var eventRecords = new EventObserverAndRecorder())
+            {
+                using (var client = new HttpClient())
+                {
+                    (await client.GetAsync(Configuration.Http.RemoteEchoServer)).Dispose();
+                }
+
+                Assert.Equal(1, eventRecords.Records.Count(rec => rec.Key.EndsWith("Start")));
+                Assert.Equal(1, eventRecords.Records.Count(rec => rec.Key.EndsWith("Stop")));
+
+                WebRequest thisRequest = ReadPublicProperty<WebRequest>(eventRecords.Records.First().Value, "Request");
+                string[] correlationContext = thisRequest.Headers["Correlation-Context"].Split(',');
+
+                Assert.Equal(3, correlationContext.Length);
+                Assert.True(correlationContext.Contains("key=value"));
+                Assert.True(correlationContext.Contains("bad%2Fkey=value"));
+                Assert.True(correlationContext.Contains("goodkey=bad%2Fvalue"));
+            }
+            parentActivity.Stop();
+        }
+
          /// <summary>
          /// Tests IsEnabled order and parameters
          /// </summary>
author	Liudmila Molkova <lmolkova@microsoft.com>
	Thu, 21 Mar 2019 17:19:26 +0000 (10:19 -0700)
committer	Vance Morrison <vancem@microsoft.com>
	Thu, 21 Mar 2019 17:19:26 +0000 (10:19 -0700)
src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs		patch \| blob \| history
src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs		patch \| blob \| history