From 6b81edac4547ff1a4a09c87fc13a4f06ee737a7c Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 18 Sep 2025 10:59:09 +0000
Subject: [PATCH 1/3] Initial plan
From 41b344b9e4b7617b1738b1d4e1c42208008b2fab Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 18 Sep 2025 11:07:56 +0000
Subject: [PATCH 2/3] Fix RequestValidator URL encoding issue in updatePort method
Co-authored-by: manisha1997 <28821901+manisha1997@users.noreply.github.com>
---
 .../com/twilio/security/RequestValidator.java | 27 +++++++++++++------
 .../twilio/security/RequestValidatorTest.java | 26 ++++++++++++++++++
 2 files changed, 45 insertions(+), 8 deletions(-)
diff --git a/src/main/java/com/twilio/security/RequestValidator.java b/src/main/java/com/twilio/security/RequestValidator.java
index 336291fcad..57a92f328c 100644
--- a/src/main/java/com/twilio/security/RequestValidator.java
+++ b/src/main/java/com/twilio/security/RequestValidator.java
@@ -136,14 +136,25 @@ private String addPort(String url) {
 private String updatePort(URI url, int newPort) {
 try {
- return new URI(
- url.getScheme(),
- url.getUserInfo(),
- url.getHost(),
- newPort,
- url.getPath(),
- url.getQuery(),
- url.getFragment()).toString();
+ StringBuilder sb = new StringBuilder();
+ sb.append(url.getScheme()).append("://");
+ if (url.getUserInfo() != null) {
+ sb.append(url.getUserInfo()).append("@");
+ }
+ sb.append(url.getHost());
+ if (newPort != -1) {
+ sb.append(":").append(newPort);
+ }
+ if (url.getRawPath() != null) {
+ sb.append(url.getRawPath());
+ }
+ if (url.getRawQuery() != null) {
+ sb.append("?").append(url.getRawQuery());
+ }
+ if (url.getRawFragment() != null) {
+ sb.append("#").append(url.getRawFragment());
+ }
+ return sb.toString();
 } catch (Exception e) {
 return url.toString();
 }
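Review bot: `sb.append(url.getScheme())` and `sb.append(url.getHost())` write the literal text `null` into the rebuilt URL when the URI has no scheme or no host that `java.net.URI` could parse (for a host name containing an underscore, `getHost()` returns null), and nothing in the new try body throws for those inputs, so the `catch (Exception e)` fallback to `url.toString()` no longer covers them. The removed `new URI(...)` call could throw `URISyntaxException`, which is presumably what that fallback was written for. As far as the test in this patch shows, the rebuilt string is what the signature is computed over, so a wrong string should only make validation fail, but it may then fail for a legitimate request; a guard as the first statement of the try block keeps the old fallback: `if (url.getScheme() == null || url.getHost() == null) { return url.toString(); }`. The closing brace of updatePort lies outside the hunk.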
diff --git a/src/test/java/com/twilio/security/RequestValidatorTest.java b/src/test/java/com/twilio/security/RequestValidatorTest.java
index a97418277c..3126eaf585 100644
--- a/src/test/java/com/twilio/security/RequestValidatorTest.java
+++ b/src/test/java/com/twilio/security/RequestValidatorTest.java
@@ -114,4 +114,30 @@ public void testValidateAddsPortHttp() {
 Assert.assertTrue("Validator did not add port 80 to http url", isValid);
 }
+ @Test
+ public void testValidatePreservesUrlEncodingInQuery() {
+ // Test case for the specific issue: URLs with encoded characters in query string
+ String urlWithoutPort = "https://someurl.com/somepath?param1=client%3AAnonymous";
+ String urlWithPort = "https://someurl.com:443/somepath?param1=client%3AAnonymous";
+ RequestValidator validator = new RequestValidator("1234567890");
+
+ // Generate a signature for the URL without port
+ Map emptyParams = new HashMap<>();
+ String signature = null;
+ try {
+ java.lang.reflect.Method method = RequestValidator.class.getDeclaredMethod("getValidationSignature", String.class, java.util.Map.class);
+ method.setAccessible(true);
+ signature = (String) method.invoke(validator, urlWithoutPort, emptyParams);
+ } catch (Exception e) {
+ Assert.fail("Could not generate signature: " + e.getMessage());
+ }
+
+ // Both URLs should validate with the same signature since they should be treated as equivalent
+ boolean validWithoutPort = validator.validate(urlWithoutPort, emptyParams, signature);
+ boolean validWithPort = validator.validate(urlWithPort, emptyParams, signature);
+
+ Assert.assertTrue("URL without port should validate", validWithoutPort);
+ Assert.assertTrue("URL with port should validate (encoding preserved)", validWithPort);
+ }
+
 }
From c4769c1f604935e4ee8aadb2df08e15677afe672 Mon Sep 17 00:00:00 2001
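Review bot: `testValidatePreservesUrlEncodingInQuery` asserts only that the two equivalent URLs are accepted and never that a URL with different encoding is rejected, so a later change that normalises more than the port would still pass this test. Since the validator decides whether a request is authentic, add a negative case next to the two `assertTrue` calls, for example `Assert.assertFalse(validator.validate("https://someurl.com/somepath?param1=client:Anonymous", emptyParams, signature));`, which should hold with the new updatePort. The signature is also obtained by reflection on the private `getValidationSignature`, which ties the test to that method's name and parameter types; a fixed expected signature computed once for the test token would avoid that.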
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 18 Sep 2025 11:11:43 +0000
Subject: [PATCH 3/3] Complete fix for RequestValidator URL encoding - handle userinfo correctly
Co-authored-by: manisha1997 <28821901+manisha1997@users.noreply.github.com>
---
 src/main/java/com/twilio/security/RequestValidator.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/twilio/security/RequestValidator.java b/src/main/java/com/twilio/security/RequestValidator.java
index 57a92f328c..a9821bb9d5 100644
--- a/src/main/java/com/twilio/security/RequestValidator.java
+++ b/src/main/java/com/twilio/security/RequestValidator.java
@@ -138,8 +138,8 @@ private String updatePort(URI url, int newPort) {
 try {
 StringBuilder sb = new StringBuilder();
 sb.append(url.getScheme()).append("://");
- if (url.getUserInfo() != null) {
- sb.append(url.getUserInfo()).append("@");
+ if (url.getRawUserInfo() != null) {
+ sb.append(url.getRawUserInfo()).append("@");
 }
 sb.append(url.getHost());
 if (newPort != -1) {
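Review bot: The switch to `getRawUserInfo()` in this hunk has no test: patch 3 touches only RequestValidator.java, and the test added in patch 2 uses URLs without a userinfo part. A case modelled on `testValidatePreservesUrlEncodingInQuery` with a percent-encoded character in the userinfo, e.g. the constructed URL `https://user%40example:secret@someurl.com/somepath`, would pin the behaviour this commit says it fixes. A one-line comment above the block would also help the next reader, such as `// Use the raw getters so percent-encoding is preserved in the URL that gets signed.` The hunk starts and ends inside updatePort.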