[BUG] single urlencoded arg is not allowed

[ZuperZee]

Description
Sending a urlencoded arg returns "500 Internal Server Error"

Setup
(Please provide relevant configs and/or SLS files (be sure to remove sensitive info. There is no general set-up of Salt.)

docker-compose.yml

version: "3"
services:
  master:
    container_name: salt
    image: cdalvaro/docker-salt-master:3005
    volumes:
      - "./roots/:/home/salt/data/srv"
      - "./keys/:/home/salt/data/keys"
      - "./logs/:/home/salt/data/logs"
      - "./config/:/home/salt/data/config"
    ports:
      - "4505:4505"
      - "4506:4506"
      ### salt-api port
      - "8000:8000"
    healthcheck:
      test: ["CMD", "/usr/local/sbin/healthcheck"]
      start_period: 30s
    environment:
      DEBUG: "false"
      TZ: Europe/Madrid
      PUID: 1000
      PGID: 1000
      SALT_LOG_LEVEL: info
      ### salt-api settings
      SALT_API_SERVICE_ENABLED: "True"
      SALT_API_USER: salt_api
      SALT_API_USER_PASS: 4wesomepass2

networks:
  default:
    name: salt_network

config/salt-api.conf

external_auth:
  pam:
    salt_api:
      - .*
      - "@runner"
      - "@wheel"
      - "@jobs"

Please be as specific as possible and give set-up details.

• on-prem machine
• VM (Virtualbox, KVM, etc. please specify)
• VM running on a cloud service, please be explicit and add details
• container (Kubernetes, Docker, containerd, etc. please specify)
• or a combination, please be explicit
• jails if it is FreeBSD

Steps to Reproduce the behavior
(Include debug logs if possible and relevant)

Run

curl https://0.0.0.0:8000/run \
    --insecure \
    -H 'Accept: application/json' \
    -d username='salt_api' \
    -d password='4wesomepass2' \
    -d eauth='pam' \
    -d client='local' \
    -d tgt='*' \
    -d fun='test.kwarg' \
    -d arg='one=1'

returns 500 Internal Server Error

Log from logs/salt/api

2022-09-06 09:17:34,033 [cherrypy.error.140205849689632:213 ][ERROR   ][134] [06/Sep/2022:09:17:34] HTTP 
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/cherrypy/_cprequest.py", line 638, in respond
    self._do_respond(path_info)
  File "/usr/lib/python3/dist-packages/cherrypy/_cprequest.py", line 690, in _do_respond
    self.body.process()
  File "/usr/lib/python3/dist-packages/cherrypy/_cpreqbody.py", line 982, in process
    super(RequestBody, self).process()
  File "/usr/lib/python3/dist-packages/cherrypy/_cpreqbody.py", line 559, in process
    proc(self)
  File "/usr/local/lib/python3.10/dist-packages/salt/netapi/rest_cherrypy/app.py", line 991, in urlencoded_processor
    unserialized_data["arg"][idx] = salt.utils.args.yamlify_arg(value)
TypeError: 'str' object does not support item assignment

Expected behavior
A clear and concise description of what you expected to happen.

To work like sending multiple args and json
These work as intended:
Multiple urlencoded args

curl https://0.0.0.0:8000/run \
    --insecure \
    -H 'Accept: application/json' \
    -d username='salt_api' \
    -d password='4wesomepass2' \
    -d eauth='pam' \
    -d client='local' \
    -d tgt='*' \
    -d fun='test.kwarg' \
    -d arg='one=1' \
    -d arg='two=2'

Single json arg

curl https://0.0.0.0:8000/run \
    --insecure \
    -H 'Accept: application/json' \
    -H 'Content-type: application/json' \
    -d '{
            "username": "salt_api",
            "password": "4wesomepass2",
            "eauth": "pam",
            "client": "local",
            "tgt": "*",
            "fun": "test.kwarg",
            "arg": "one=1"
        }'

Screenshots
If applicable, add screenshots to help explain your problem.

Versions Report

salt --versions-report

(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.)

Salt Version:
          Salt: 3005
 
Dependency Versions:
          cffi: Not Installed
      cherrypy: unknown
      dateutil: 2.8.1
     docker-py: Not Installed
         gitdb: 4.0.9
     gitpython: 3.1.24
        Jinja2: 3.1.2
       libgit2: 1.1.0
      M2Crypto: Not Installed
          Mako: 1.1.3
       msgpack: 1.0.4
  msgpack-pure: Not Installed
  mysql-python: 1.4.6
     pycparser: Not Installed
      pycrypto: Not Installed
  pycryptodome: 3.15.0
        pygit2: 1.6.1
        Python: 3.10.4 (main, Jun 29 2022, 12:14:53) [GCC 11.2.0]
  python-gnupg: 0.4.8
        PyYAML: 6.0
         PyZMQ: 20.0.0
         smmap: 5.0.0
       timelib: Not Installed
       Tornado: 4.5.3
           ZMQ: 4.3.3
 
System Versions:
          dist: ubuntu 22.04 Jammy Jellyfish
        locale: utf-8
       machine: x86_64
       release: 5.15.0-47-generic
        system: Linux
       version: Ubuntu 22.04 Jammy Jellyfish

Additional context
Add any other context about the problem here.

[welcome]

Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as possible. In the meantime, here’s some information that may help as you continue your Salt journey.
Please be sure to review our Code of Conduct. Also, check out some of our community resources including:

• Community Wiki
• Salt’s Contributor Guide
• Join our Community Slack
• IRC on LiberaChat
• Salt Project YouTube channel
• Salt Project Twitch channel

There are lots of ways to get involved in our community. Every month, there are around a dozen opportunities to meet with other contributors and the Salt Core team and collaborate in real time. The best way to keep track is by subscribing to the Salt Community Events Calendar.
If you have additional questions, email us at [email protected]. We’re glad you’ve joined our community and look forward to doing awesome things with you!

[crazypenguin]

i also found this exception using with salt api 3005 installed through official yum repo in centos 7, but run 'test.ping' is normal

[rnick]

Same problem here after update to saltstack 3005. If i add 2 'dummy-args' to the api-call, everything works fine.

[zbukhari-apex]

I'm running into this in 3005.1, as 3006.0 is a no-go for us due to jinja include issues, any chance of a 3005.2 or something getting it? From what I understand it's supported and thus should be righted in the 3005.x series?

https://docs.saltproject.io/salt/install-guide/en/latest/topics/salt-version-support-lifecycle.html