fix: dont parse tls/ssl file paths in uri

Author: emadum

lib/core/uri_parser.js

@@ -11,6 +11,11 @@ const ReadPreference = require('./topologies/read_preference');
  */
 const HOSTS_RX = /(mongodb(?:\+srv|)):\/\/(?: (?:[^:]*) (?: : ([^@]*) )? @ )?([^/?]*)(?:\/|)(.*)/;
 
+// Options that reference file paths should not be parsed
+const FILE_PATH_OPTIONS = new Set(
+  ['sslCA', 'sslCert', 'sslKey', 'tlsCAFile', 'tlsCertificateKeyFile'].map(key => key.toLowerCase())
+);
+
 /**
  * Determines whether a provided address matches the provided parent domain in order
  * to avoid certain attack vectors.
@@ -424,7 +429,9 @@ function parseQueryString(query, options) {
     }
 
     const normalizedKey = key.toLowerCase();
-    const parsedValue = parseQueryStringItemValue(normalizedKey, value);
+    const parsedValue = FILE_PATH_OPTIONS.has(normalizedKey)
+      ? value
+      : parseQueryStringItemValue(normalizedKey, value);
     applyConnectionStringOption(result, normalizedKey, parsedValue, options);
   }
 

test/manual/tls_support.test.js

@@ -20,13 +20,13 @@ describe('TLS Support', function() {
     makeConnectionTest(connectionString, tlsSettings)
   );
 
-  const queryString = Object.keys(tlsSettings)
-    .map(key => `${key}=${tlsSettings[key]}`)
-    .join('&');
-  console.log({ tlsSettings, url: `${connectionString}?${queryString}` });
   it(
     'should connect with tls via url options',
-    makeConnectionTest(`${connectionString}?${queryString}`)
+    makeConnectionTest(
+      `${connectionString}?${Object.keys(tlsSettings)
+        .map(key => `${key}=${tlsSettings[key]}`)
+        .join('&')}`
+    )
   );
 });