Skip to content

fix(connectors): don't panic on empty/slash-less relative URI templates#9790

Open
aaronArinder wants to merge 2 commits into
devfrom
fix/http-empty-path-and-query-panic
Open

fix(connectors): don't panic on empty/slash-less relative URI templates#9790
aaronArinder wants to merge 2 commits into
devfrom
fix/http-empty-path-and-query-panic

Conversation

@aaronArinder

Copy link
Copy Markdown
Contributor

Summary

  • http 1.4.2 tightened PathAndQuery validation: it now rejects an empty string outright and requires a leading / on any non-empty, non-query-only relative path. http 1.4.0 (currently locked/shipped) silently normalized both — an empty string became "/", and a slash-less relative path like "hello" was accepted as-is and correctly joined later by make_uri's own slash-handling logic.
  • This surfaced as the test_updated_cargo_deps nightly job panicking on every run once dependency resolution picked up http 1.4.2 (see companion PR retiring that job) — but it's a real latent bug independent of that job: any router instance that happens to resolve http 1.4.2+ (e.g. via cargo update, or once Cargo.toml's http = "1.4.0" range naturally advances) will panic building connector request URIs for the empty-path/empty-query case or any connect template lacking a leading /.
  • Two call sites needed fixing:
    • http_json_transport.rs: PathAndQuery::from_static("") panicked for the empty-path/empty-query case. Now uses PathAndQuery::from_static("/") directly — exactly what 1.4.0 already normalized "" to internally (verified: PathAndQuery::from_static("").as_str() == "/" under 1.4.0).
    • string_template.rs: interpolate_uri's relative-URI branch passed the raw interpolated string straight to PathAndQuery::from_str, which is what actually broke on an empty connect/source template and on a connect template without a leading slash (e.g. "hello" instead of "/hello"). Now normalizes before parsing.

Verification

  • Bumped Cargo.lock's http to 1.4.2 locally and confirmed the original panics reproduce without this fix.
  • With the fix applied (still on http 1.4.2): cargo test -p apollo-federation --lib connectors:: → 1512 passed, 0 failed (including the previously-panicking test_make_uri and test_interpolate_uri cases). cargo test -p apollo-router --lib plugins::connectors:: → 107 passed, 0 failed.
  • Reverted Cargo.lock back to the committed http = "1.4.0" and re-ran the same test modules — all still pass, confirming no behavior change under the currently-shipped dependency version.
  • cargo fmt -p apollo-federation --check clean.

Test plan

  • Existing test_make_uri and test_interpolate_uri suites pass under both http 1.4.0 (current) and 1.4.2 (future)
  • apollo-router's plugins::connectors:: suite passes under both
  • Changeset to follow in a subsequent commit on this branch, referencing this PR number

http 1.4.2 tightened PathAndQuery validation: it now rejects an empty
string outright and requires a leading `/` on any non-empty,
non-query-only relative path — whereas 1.4.0 (currently locked)
silently normalized both cases (empty -> "/", "users" stayed "users"
and was later joined correctly by make_uri's own slash-handling
logic).

Two call sites relied on the old lenient behavior:
- http_json_transport.rs: PathAndQuery::from_static("") panicked for
  the empty-path/empty-query case. Now uses "/" directly, matching
  what the old version already normalized to internally.
- string_template.rs: interpolate_uri's relative-URI branch passed
  the raw interpolated string straight to PathAndQuery::from_str,
  which is what actually broke on both an empty connect/source
  template and a connect_template without a leading slash (e.g.
  "hello" instead of "/hello"). Normalize before parsing instead.

Verified against http 1.4.2 directly (bumped Cargo.lock locally,
confirmed the panics reproduce without this fix and are resolved with
it, ran the full apollo-federation connectors suite and
apollo-router's plugins::connectors:: suite) before reverting
Cargo.lock back to the committed 1.4.0.
@aaronArinder
aaronArinder requested review from a team as code owners July 9, 2026 19:50
@apollo-librarian

apollo-librarian Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

✅ Docs preview has no changes

The preview was not built because there were no changes.

Build ID: 0a567a7afbf53c6092b7b4f3
Build Logs: View logs


✅ AI Style Review — No Changes Detected

No MDX files were changed in this pull request.

Review Log: View detailed log

This review is AI-generated. Please use common sense when accepting these suggestions, as they may not always be accurate or appropriate for your specific context.

@github-actions

This comment has been minimized.

@goto-bus-stop goto-bus-stop left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, I guess the tests should already cover this case as tests were failing on the http update PR!

@mergify

mergify Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Tick the box to add this pull request to the merge queue (same as @mergifyio queue).

  • Queue this pull request

@benjamn benjamn left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider adding a test that fully pins the new normalization? The fix looks correct, but nothing currently guards it: the closest existing test (relative_uris, string_template.rs:648) only checks that a path-and-query exists, not what it normalizes to, so a slashless input like "path" could regress to the wrong value and the test would still pass. There's also no case at all for the empty-string input (the "" → "/" branch this PR adds). Suggestion: assert the concrete result for the two new cases, e.g. "" normalizes to / and "path" normalizes to /path.

goto-bus-stop added a commit that referenced this pull request Jul 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants