[bugfix] Fix http header being incorrectly encoded. (apache#3108)

Co-authored-by: aias00 <[email protected]>

Author: yunfan24

e2e/data/monitor-http.json

@@ -73,6 +73,11 @@
       "field": "successCode",
       "type": 4,
       "paramValue": "200, 201"
+    },
+    {
+      "field": "enableUrlEncoding",
+      "type": 1,
+      "paramValue": true
     }
   ]
 }

hertzbeat-collector/hertzbeat-collector-basic/src/main/java/org/apache/hertzbeat/collector/collect/http/HttpCollectImpl.java

@@ -86,6 +86,7 @@
 import org.springframework.http.MediaType;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
+import org.springframework.web.util.UriUtils;
 import org.xml.sax.InputSource;
 import org.w3c.dom.Document;
 import org.w3c.dom.Node;
@@ -509,13 +510,37 @@ public HttpUriRequest createHttpRequest(HttpProtocol httpProtocol) {
         }
         // params
         Map<String, String> params = httpProtocol.getParams();
+        boolean enableUrlEncoding = Boolean.parseBoolean(httpProtocol.getEnableUrlEncoding());
+        StringBuilder queryParams = new StringBuilder();
+        
         if (params != null && !params.isEmpty()) {
             for (Map.Entry<String, String> param : params.entrySet()) {
-                if (StringUtils.hasText(param.getValue())) {
-                    requestBuilder.addParameter(param.getKey(), TimeExpressionUtil.calculate(param.getValue()));
+                String key = param.getKey();
+                String value = param.getValue();
+
+                if (!StringUtils.hasText(key)) {
+                    continue;
+                }
+
+                if (queryParams.length() > 0) {
+                    queryParams.append("&");
+                }
+
+                if (enableUrlEncoding) {
+                    key = UriUtils.encodeQueryParam(key, "UTF-8");
+                }
+                queryParams.append(key);
+
+                if (StringUtils.hasText(value)) {
+                    String calculatedValue = TimeExpressionUtil.calculate(value);
+                    if (enableUrlEncoding) {
+                        calculatedValue = UriUtils.encodeQueryParam(calculatedValue, "UTF-8");
+                    }
+                    queryParams.append("=").append(calculatedValue);
                 }
             }
         }
+        
         // The default request header can be overridden if customized
         // keep-alive
         requestBuilder.addHeader(HttpHeaders.CONNECTION, NetworkConstants.KEEP_ALIVE);
@@ -525,8 +550,7 @@ public HttpUriRequest createHttpRequest(HttpProtocol httpProtocol) {
         if (headers != null && !headers.isEmpty()) {
             for (Map.Entry<String, String> header : headers.entrySet()) {
                 if (StringUtils.hasText(header.getValue())) {
-                    requestBuilder.addHeader(CollectUtil.replaceUriSpecialChar(header.getKey()),
-                            CollectUtil.replaceUriSpecialChar(header.getValue()));
+                    requestBuilder.addHeader(header.getKey(), header.getValue());
                 }
             }
         }
@@ -560,23 +584,48 @@ public HttpUriRequest createHttpRequest(HttpProtocol httpProtocol) {
             requestBuilder.setEntity(new StringEntity(httpProtocol.getPayload(), StandardCharsets.UTF_8));
         }
 
-        // uri
-        String uri = CollectUtil.replaceUriSpecialChar(httpProtocol.getUrl());
-        if (IpDomainUtil.isHasSchema(httpProtocol.getHost())) {
+        // uri encode
+        String uri;
+        if (enableUrlEncoding) {
+            // if the url contains parameters directly
+            if (httpProtocol.getUrl().contains("?")) {
+                String path = httpProtocol.getUrl().substring(0, httpProtocol.getUrl().indexOf("?"));
+                String query = httpProtocol.getUrl().substring(httpProtocol.getUrl().indexOf("?") + 1);
+                uri = UriUtils.encodePath(path, "UTF-8") + "?" + UriUtils.encodeQuery(query, "UTF-8");
+            } else {
+                uri = UriUtils.encodePath(httpProtocol.getUrl(), "UTF-8");
+            }
+        } else {
+            uri = httpProtocol.getUrl();
+        }
 
-            requestBuilder.setUri(httpProtocol.getHost() + ":" + httpProtocol.getPort() + uri);
+        // append query params
+        if (queryParams.length() > 0) {
+            uri += (uri.contains("?") ? "&" : "?") + queryParams.toString();
+        }
+        
+        String finalUri;
+        if (IpDomainUtil.isHasSchema(httpProtocol.getHost())) {
+            finalUri = httpProtocol.getHost() + ":" + httpProtocol.getPort() + uri;
         } else {
             String ipAddressType = IpDomainUtil.checkIpAddressType(httpProtocol.getHost());
             String baseUri = NetworkConstants.IPV6.equals(ipAddressType)
                     ? String.format("[%s]:%s%s", httpProtocol.getHost(), httpProtocol.getPort(), uri)
                     : String.format("%s:%s%s", httpProtocol.getHost(), httpProtocol.getPort(), uri);
             boolean ssl = Boolean.parseBoolean(httpProtocol.getSsl());
             if (ssl) {
-                requestBuilder.setUri(NetworkConstants.HTTPS_HEADER + baseUri);
+                finalUri = NetworkConstants.HTTPS_HEADER + baseUri;
             } else {
-                requestBuilder.setUri(NetworkConstants.HTTP_HEADER + baseUri);
+                finalUri = NetworkConstants.HTTP_HEADER + baseUri;
             }
         }
+        
+        try {
+            requestBuilder.setUri(finalUri);
+        } catch (IllegalArgumentException e) {
+            log.warn("Invalid URI with illegal characters: {}. User has disabled URL encoding, not applying any encoding.", finalUri);
+            throw e;
+        }
 
         // custom timeout
         int timeout = CollectUtil.getTimeout(httpProtocol.getTimeout(), 0);

hertzbeat-common/src/main/java/org/apache/hertzbeat/common/entity/job/protocol/HttpProtocol.java

@@ -95,6 +95,12 @@ public class HttpProtocol implements CommonRequestProtocol, Protocol {
      */
     private List<String> successCodes;
 
+    /**
+     * Whether to enable URL encoding for the path. Default is true.
+     * When true, the URL path will be encoded. When false, the URL path will not be encoded.
+     */
+    private String enableUrlEncoding = "true";
+
     /**
      * authentication information
      */

hertzbeat-manager/src/main/resources/define/app-api.yml

@@ -246,6 +246,20 @@ params:
     defaultValue: '200, 201'
     # hide param-true or false
     hide: true
+  # field-param field key
+  - field: enableUrlEncoding
+    # name-param field display i18n name
+    name:
+      zh-CN: 启用URL编码（UTF-8）
+      en-US: Enable URL Encoding(UTF-8)
+    # type-param field type(most mapping the html input type)
+    type: boolean
+    # required-true or false
+    required: true
+    # default value
+    defaultValue: true
+    # hide param-true or false
+    hide: true
 # collect metrics config list
 metrics:
   # metrics - summary
@@ -286,6 +300,8 @@ metrics:
       method: ^_^httpMethod^_^
       # if enabled https
       ssl: ^_^ssl^_^
+      # enable url encoding
+      enableUrlEncoding: ^_^enableUrlEncoding^_^
       # http request payload
       payload: ^_^payload^_^
       # http request header content
@@ -344,6 +360,8 @@ metrics:
       method: GET
       # if enabled https
       ssl: ^_^ssl^_^
+      # enable url encoding
+      enableUrlEncoding: ^_^enableUrlEncoding^_^
       authorization:
         # http auth type: Basic Auth, Digest Auth, Bearer Token
         type: ^_^authType^_^