Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-8876

Nuget Passthrough Fails for Skip Tokens

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Duplicate
    • Affects Version/s: 2.11.3, 3.0.0-m4
    • Fix Version/s: None
    • Component/s: NuGet
    • Labels:
    • Story Points:
      2

      Description

      To reproduce:
      1. Create a nuget proxy that points to nuget.org, call it 'nuget-proxy'
      2. Hit this URL:
      http://localhost:8081/nexus/service/local/nuget/nuget-proxy/Search()?$filter=IsLatestVersion&$orderby=DownloadCount%20desc,Id&$skip=0&$top=1000&searchTerm=''&targetFramework='net45'&includePrerelease=false

      3. At the bottom of the XML reply, there's a skip link: <link rel="next" href="..."> After decoding from it being an XML attribute, and URL decoding, it will probably look like:

      http://localhost:8082/nexus/service/local/nuget/nuget-proxy/Search?searchterm=''&$filter=IsLatestVersion&$orderby=DownloadCount desc,Id&$top=960&$skiptoken=1871245,'Microsoft.AspNet.WebPages.WebData','Microsoft.AspNet.WebPages.WebData','3.2.3'

      4. Visit that URL in a browser.
      5. Nexus will, in turn, try to get appropriate content from Nuget.org - unfortunately, the Nexus-specific $skiptoken makes no sense to Nuget, which returns a 400 error, with a big exception in the Nexus console.

      FTR this is only visible to administrators, since the client is shielded from Nexus<->upstream errors; Nexus returns page 2 to the client just fine.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              mprescott Michael Prescott
              Last Updated By:
              Peter Lynch
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title