Remove Java URI validations for Blob Storage providers

[adnanhemani]

This is a retry at #1586, which I'll close if this PR is on the right direction instead.

Java URI does not actually apply any normalization to URIs if we do not call URI.normalize() (which we currently do not). Additionally, blob storage providers like S3 and GCS can provide ".." and "." as valid fragments in URLs - which Java URI would attempt to normalize incorrectly. As a result, attempting to validate and/or normalize URIs for blob storage providers using the Java URI class is the incorrect behavior. While we may want to add location validation via regex later, removing it first should at least unblock the bug we see in #1545.

[snazy]

Can you elaborate on when .. would be a valid in a path? For me, .. is a path-traversal in the presence of it raises the question "why is this not the source of a path-traversal-attack".

[snazy]

I'm also confused on having multiple PRs for the same issue.

[adnanhemani]

I'm also confused on having multiple PRs for the same issue.

Please see #1586 (comment) and #1586 (comment)

[adnanhemani]

Can you elaborate on when .. would be a valid in a path? For me, .. is a path-traversal in the presence of it raises the question "why is this not the source of a path-traversal-attack".

Blob Storage providers like S3 and GCS do not recognize ".." as a path traversal. If you store an object in S3 with the path "s3://abcd/a/b/../c", S3 stores the object exactly as such - it will not normalize the path into "s3://abcd/a/c". While it may be an anti-pattern to make such a location, we should not deviate from what the blob storage provider allows/does. The same can be said about multiple forward slashes together ("s3://abcd/a/b//c" is not the same as "s3://abcd/a/b/c").

As a result, we should only allow ".." and "." normalization in local filesystem calls where these can be resolved - and those are the code paths where Java URI is being used in this PR. WDYT?

[dimas-b]

What if location is FILE:////////tmp/smth?

[adnanhemani]

Good call out - fixed!

[dimas-b]

Do we have tests for multiple leading / chars?

[adnanhemani]

No, we do not, but am introducing in revision. Thanks!

[snazy]

In ADLS / is a literally a path separator, so I guess that has to be normalized.

Sure, in S3 + GCS the path is a plain string. But are patterns like /../ or /// in S3/GCS locations used in practice? I've seen usages of special characters like ", but not /../ or ///.

[dimas-b]

I've heard stories about /../ being used in S3 URI. I think it is preferable for Polaris not to interpret storage URI paths beyond determining "prefix" matches.

[dimas-b]

What is the meaning of this assertion? Is it not preferable to assert exact expected type rather that asserting what the type is not?

[adnanhemani]

This is a good question! AzureLocation is an extension of StorageLocation (due to Azure's very specific way of defining locations). All other locations remain instances of StorageLocation. So if I test that any of these locations (including an instance of AzureLocation) are an instance of StorageLocation, they'll always return true.

This test is basically just testing that we are not creating AzureLocation subclassed objects for these paths.

[dimas-b]

Cf. assertThat(...).isExactlyInstanceOf(...)

[dimas-b]

This PR looks like it provides incremental values as it avoids interpreting storage URIs as RFC-compliant URI. I'd be fine merging it.

I have one comment about test code, though.

[adnanhemani]

But are patterns like /../ or /// in S3/GCS locations used in practice?

Agreed with @dimas-b here. Although users should probably not be doing this, I'd prefer we not make Polaris opinionated on this (since we have no good reason to do so).