@QueryParameter trashes the request body

[jtnord]

Jenkins and plugins versions report

QueryParameter is only supposed to look at the HTTP query but looks also in the RequestBody making it unusable for others

Paste the output here

What Operating System are you using (both controller, and any agents involved in the problem)?

windows java11

Reproduction steps

1. create a method as follows from something accessable from stapler as

public void doFoo(@QueryParameter(required = false) String payload, StaplerRequest request, StaplerResponse response) throws IOException {
   String body = IOUtils.toString(req.getInputStream(), req.getCharacterEncoding());
   System.out.print(body);
}

call the endpoint with curl curl theEddpoint --data blahblahblah

Expected Results

blahblahblah is printed

Actual Results

the string is enmpty

Anything else?

because the query parameter is optional it is not in the URL.

QueryParameter calls request.getParameter(name) which is eventually ServletRequest.getParameter(String)

This code is what will then read the body to find an populate the parameters - meaning the reading of the body later will fail (as it is read the available length of it will be zero)

e.g. for Jetty for example ->
https://github.com/eclipse/jetty.project/blob/bff5b3eb8f5547afd8883029555dd46d06ed7a77/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java#L1046-L1050

This is in violation of the contract of the QueryParameter

[jtnord]

Note: that in the case of Jetty it first checks the content-type and only does it if the content-type if form encoding or multipart data.

[timja]

Seems to be a limitation of servlet spec, workarounds here:
https://stackoverflow.com/a/31928740