Different handling for utf-8 in http header and perl variables
Affected version
Version:
$ rpm -qv lemonldap-ng httpd
lemonldap-ng-2.18.2-1.el8.noarch
httpd-2.4.37-62.module+el8.9.0+1436+2b7d5021.x86_64
$ cat /etc/rocky-release
Rocky Linux release 8.9 (Green Obsidian)
Platform: Apache HTTPD
Summary
We are seeing different handling depending on where the information was encoded. When adding utf-8 variables through the manager and the variables fetched from LDAP.
Logs
Couldn't find logs relevant to this problem (none on login on display of test1 vhost).
Backends used
Using
globalStorage: Apache::Session::Browseable::LDAP
globalStorageOptions: |-
{ \
'type' => 'LDAP', \
'ldapServer' => 'ldap+tls://{{ ldap_host }}', \
'ldapConfBase' => 'ou=sessions,ou=lemonldap,ou=appconfig,dc=liege,dc=be', \
'ldapBindDN' => 'cn=lemonldap-{{ inventory_hostname }},ou=technical,ou=people,dc=liege,dc=be', \
'ldapBindPassword' => '{{ lemonldap_ldap_password }}', \
'ldapObjectClass' => 'applicationProcess', \
'ldapAttributeId' => 'cn', \
'ldapAttributeContent' => 'description', \
'ldapAttributeIndex' => 'ou', \
'ldapRaw' => '(?i:^jpegPhoto|;binary)', \
'Index' => '_whatToTrace _session_kind _assert_id' \
}
Details
We see different handling of encoding depending of where the strings are coming from:
With a user coming from LDAP (fully utf-8) with name "Fiçà3" and values exported to the test1 vhost as such:
We get in headers:
In perl variables:
In the manager's session viewer:
We do not expect http headers to be encoded as utf-8, but we do expect utf-8 strings to be encoded the same no matter where they come from.
We also made sure to set ldapRaw
so that the perl ldap module recognizes fields as utf-8.