Uploaded image for project: 'apiman (API Management)'
  1. apiman (API Management)
  2. APIMAN-970

Get parameters are urldecoded too early

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Critical
    • 1.2.2.Final, 1.2.x
    • 1.2.1.Final
    • Gateway
    • None
    • Hide

      Send a GET request with ?key=tom%26jerry

      Expected api call to backend is the same: ?key=tom%26jerry
      Resulting api call to backend is: ?key=tom&jerry

      Show
      Send a GET request with ?key=tom%26jerry Expected api call to backend is the same: ?key=tom%26jerry Resulting api call to backend is: ?key=tom&jerry

    Description

      With parameters such as key=value&another+key=another+value you should first split on &, then split on =, and only then urldecode the resulting parts. Otherwise, you could get this:

      input: key=tom%26jerry
      urldecode (too early!) key=tom&jerry
      split on &: ["key=tom", "jerry"]
      split on =: [["key", "tom"], ["jerry"]]

      instead of as it should have been:

      input: key=tom%26jerry
      split on &: ["key=tom%26jerry"]
      split on =: [["key", "tom%26jerry"]]
      urldecode the parts: [["key", "tom&jerry"]]

      Attachments

        Activity

          People

            ewittman@redhat.com Eric Wittmann
            bramvonk Bram Vonk (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: