From c8e4941174f4ba3e36dcc4089a0ee9b46f653ac0 Mon Sep 17 00:00:00 2001
From: Liudmila Molkova <lmolkova@microsoft.com>
Date: Thu, 21 Mar 2019 10:19:26 -0700
Subject: [PATCH] Fix 31687 on netfx: escape Correlation-Context keys and
 values (dotnet/corefx#36203)

* Fix 31687 on Desktop: escape Correlation-Context keys and values

* review comments


Commit migrated from https://github.com/dotnet/corefx/commit/39f825ed5fe5a19b0379f0ac0e7113f6d1b5d7b6
---
 .../Diagnostics/HttpHandlerDiagnosticListener.cs   |  2 +-
 .../tests/HttpHandlerDiagnosticListenerTests.cs    | 31 ++++++++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs b/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs
index 3520b2e..ba2ba96 100644
--- a/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs
+++ b/src/libraries/System.Diagnostics.DiagnosticSource/src/System/Diagnostics/HttpHandlerDiagnosticListener.cs
@@ -639,7 +639,7 @@ namespace System.Diagnostics
                             do
                             {
                                 KeyValuePair<string, string> item = e.Current;
-                                baggage.Append(item.Key).Append('=').Append(item.Value).Append(',');
+                                baggage.Append(WebUtility.UrlEncode(item.Key)).Append('=').Append(WebUtility.UrlEncode(item.Value)).Append(',');
                             }
                             while (e.MoveNext());
                             baggage.Remove(baggage.Length - 1, 1);
diff --git a/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs b/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs
index 48acf6b..83349b2 100644
--- a/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs
+++ b/src/libraries/System.Diagnostics.DiagnosticSource/tests/HttpHandlerDiagnosticListenerTests.cs
@@ -421,6 +421,37 @@ namespace System.Diagnostics.Tests
             parentActivity.Stop();
         }
 
+
+        [OuterLoop]
+        [Fact]
+        public async Task TestInvalidBaggage()
+        {
+            var parentActivity = new Activity("parent")
+                .AddBaggage("key", "value")
+                .AddBaggage("bad/key", "value")
+                .AddBaggage("goodkey", "bad/value")
+                .Start();
+            using (var eventRecords = new EventObserverAndRecorder())
+            {
+                using (var client = new HttpClient())
+                {
+                    (await client.GetAsync(Configuration.Http.RemoteEchoServer)).Dispose();
+                }
+
+                Assert.Equal(1, eventRecords.Records.Count(rec => rec.Key.EndsWith("Start")));
+                Assert.Equal(1, eventRecords.Records.Count(rec => rec.Key.EndsWith("Stop")));
+
+                WebRequest thisRequest = ReadPublicProperty<WebRequest>(eventRecords.Records.First().Value, "Request");
+                string[] correlationContext = thisRequest.Headers["Correlation-Context"].Split(',');
+
+                Assert.Equal(3, correlationContext.Length);
+                Assert.True(correlationContext.Contains("key=value"));
+                Assert.True(correlationContext.Contains("bad%2Fkey=value"));
+                Assert.True(correlationContext.Contains("goodkey=bad%2Fvalue"));
+            }
+            parentActivity.Stop();
+        }
+
         /// <summary>
         /// Tests IsEnabled order and parameters
         /// </summary>
-- 
2.7.4