Major Hi,
I've noticed problems with how Undertow handles URL Decoding & Encoding when the config option ALLOW_UNESCAPED_CHARACTERS_IN_URL is enabled:
1. Automatic redirects performed by the servlet container.
For example when the context path does not contain a tailing slash, Undertow will perform an automatic redirect to the same URL, but with an added trailing slash.
In this case, if the original request URL contained any encoded special characters, the redirect URL generated by undertow is missing this character encoding. E.g.
http://localhost:8080/context?foo=%C3%84%C3%84%C3%84
-> 302 Redirect from Undertow with URL http://localhost:8080/context/?foo=ÄÄÄ
2. HttpServletRequest.getQueryString() returns a decoded query string, even thought the API for getQueryString() specifies this:
Returns: a String containing the query string or null if the URL contains no query string. The value is not decoded by the container.
I've created a minimal application to reproduce this problem, which can be found here:
https://github.com/cnsgithub/undertow-encoding-reproducer
