feat: decode percent-encoded path in getPath #2688
Conversation
usualoma
changed the title
| // If the path contains percent encoding, use `indexOf()` to find '?' and return the result immediately. | ||
| // Although this is a performance disadvantage, it is acceptable since we prefer cases that do not include percent encoding. | ||
| const queryIndex = url.indexOf('?', i) | ||
| return decodeURIComponent(url.slice(start, queryIndex === -1 ? undefined : queryIndex)) |
There was a problem hiding this comment.
| return decodeURIComponent(url.slice(start, queryIndex === -1 ? undefined : queryIndex)) | |
| return decodeURI(url.slice(start, queryIndex === -1 ? undefined : queryIndex)) |
There was a problem hiding this comment.
Thanks for the suggestion.
With the current code, if we s/decodeURIComponent/decodeURI/ , the following test fails, are you saying that "id is çawa yî%3F" is the expected result?
- id is çawa yî?
+ id is çawa yî%3FThis can be fixed by reverting 7192497. If we do that, the following test will fail. (double decoded)
- posts of %25
+ posts of %There was a problem hiding this comment.
This can be fixed by reverting 7192497.
Correct.
If we do that, the following test will fail. (double decoded)
Ah, I see now, thanks for explaining! Well, in that case we need to .replaceAll('%25', '%2525') prior to calling decodeURIComponent.
There was a problem hiding this comment.
@szmarczak Thank you!
Unfortunately,
decodeURI('%2F') === decodeURI('%252F')
And cannot in principle be reverted with replaceAll(), since the original information is lost when the decodeURI() is applied.
For my part, I think that "using decodeURI() on a requested URL" is impossible.
There was a problem hiding this comment.
What about doing .replaceAll('%25', '%2525') before calling decodeURI? This means that in order to catch % people will need to use %25 in the path string, e.g. /foo%25bar (not: /foo%bar), but for all other percent-encoded characters it should decode as expected (meaning /foo/bar/ąę should work as expected; also the params should use decodeURIComponent - double decoding should be prevented with the mentioned replaceAll happening just before decodeURI).
There was a problem hiding this comment.
Ah I see, that is true. That's great! I think it will be the spec you want.
I'm not going to include this change in this PR, since this PR has the same result as Django, but I'll make a separate PR for this.
#2672
The author should do the following, if applicable
bun denoifyto generate files for Denobun run format:fix && bun run lint:fixto format the code