Encoding of folder names, namespaces, and IDs in Winery

Outdated Although the information about double-encoding is correct, the UI has been re-implemented using Angular, which introduces an additional layer of URLs.

Example to understand double encoding of URIs in Winery

In file systems, characters / and : are not allowed source. The design decision is that all files (node types, imports in CSARs, …) are stored and structured using directories with human readable names. Therefore, the namespace URI must be used in an encoded form, otherwise the name would not be valid (http://www...). An example for such a directory name is http%3A%2F%2Fwww.w3.org%2F2001%2FXMLSchema. Since (1) namespaces are URIs and (2) percent-encoded URIs form valid directory names, URL encoding is used.

For a better understanding we distinguish two cases:

(1) calling a URL and (2) linking to the location of a TOSCA import in a TOSCA XML file contained in the CSAR

(1) Calling a URL

For example, to query node type information the following URL can be used: http://localhost:8080/winery/nodetypes/http%253A%252F%252Fopentosca.org%252Fnodetypes/Java8. The convention for URLs in the Winery are: winery/type/namespace/id (see REST API).

  • winery: http://localhost:8080/winery

  • type: nodetypes

  • namespace: http%253A%252F%252Fopentosca.org%252Fnodetypes

  • id: Java8

We have a closer look to the namespace part http%253A%252F%252Fopentosca.org%252Fnodetypes: The ‘/’ and ‘:’ of the URI are double percent-encoded, i.e., : is encoded –> %3A is encoded –> %253A (% is encoded –> %25).

If no double encoding would be used http://localhost:8080/winery/nodetypes/http%3A%2F%2Fopentosca.org%252Fnodetypes/Java8 would be the used URL. Web servers such as Apache Tomcat 1, 2, Apache 3, 4, nginx 5, and JBoss 6 forbid this due to security issues. See 7, 8, and 9.

Note that %2F and / are not the same in a URI. See Example 2 in W3C’s URI recommendations.

(2) Encoding of Directory Names

As already mentioned, URLs used in directory names must be encoded. In XML files the location of an tosca:import is, for instance given as: ../imports/http%253A%252F%252Fwww.w3.org%252F2001%252FXMLSchema/http%253A%252F%252Fopentosca.org%252Fproperties/TopicProperties/TopicProperties.xsd, which represents the path of the file. The attribute location is of type anyURI, i.e., this part has to be decoded. If only single encoding is used like ../imports/http%3A%2F%2Fwww.w3.org... the decoding would lead to ../imports/http://www.w3.org..., which is not a valid URI and also not a valid file name.

Summary: Because the namespace is part of the used URI and the namespace itself is a URI too, double encoding is required.