Uploaded image for project: 'apiman (API Management)'
  1. apiman (API Management)
  2. APIMAN-970

Get parameters are urldecoded too early

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 1.2.2.Final, 1.2.x
    • 1.2.1.Final
    • Gateway
    • None
    • Hide

      Send a GET request with ?key=tom%26jerry

      Expected api call to backend is the same: ?key=tom%26jerry
      Resulting api call to backend is: ?key=tom&jerry

      Show
      Send a GET request with ?key=tom%26jerry Expected api call to backend is the same: ?key=tom%26jerry Resulting api call to backend is: ?key=tom&jerry

      With parameters such as key=value&another+key=another+value you should first split on &, then split on =, and only then urldecode the resulting parts. Otherwise, you could get this:

      input: key=tom%26jerry
      urldecode (too early!) key=tom&jerry
      split on &: ["key=tom", "jerry"]
      split on =: [["key", "tom"], ["jerry"]]

      instead of as it should have been:

      input: key=tom%26jerry
      split on &: ["key=tom%26jerry"]
      split on =: [["key", "tom%26jerry"]]
      urldecode the parts: [["key", "tom&jerry"]]

              ewittman@redhat.com Eric Wittmann
              bramvonk Bram Vonk (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: