Reserved characters in Postgres url
According to https://en.wikipedia.org/wiki/Percent-encoding and https://www.ietf.org/rfc/rfc2396.txt (section 2.2),
+ is a reserved character in URIs. Yet, I see that in some of my Postgres services, the password has a + (for example, here is a part of the DATABASE_URL env: postgres://postgres:dbB4DGbbEAbA+GfDDgB1GAGg1gf*eBbc@..."
This feels like a bug.Percent-encoding
URL encoding, officially known as percent-encoding, is a method to encode arbitrary data in a Uniform Resource Identifier (URI) using only the limited US-ASCII characters legal within a URI. Although it is known as URL encoding, it is also used more generally within the main Uniform Resource Identifier (URI) set, which includes both Uniform Reso...
8 Replies
good catch, am i correct in saying that the only special characters that should show up in the password section of the database url are the special characters section 2.3 lists?
and if so, would this be a sufficient character set to generate a password from?
Yes, generating a password with characters from that list would be sufficient.
@Melissa - current passwords for postgres (and other databases) use reserved characters
let me update those templates, i'll let y'all know when it's done
thanks for catching this ramnivas!
Thanks Melissa and Brody for your quick attention!
done, thanks Ramnivas for the input and Brody for raising 💚
Thanks Melissa!