This repository has been archived by the owner on Jun 3, 2021. It is now read-only.
Use CGI::escape rather than URI.escape for query params #16
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Explanation:
While SSO worked fine for "normal" email addresses, my usual workflow
involves using the
+
sign to generate reusable email addresses formanual testing purposes (e.g., "myemail+0001@gmail.com",
"myemail+0002@gmail.com", etc.).
Because the
+
symbol represents a space character (" ") within queryparameters, Ambassador's SSO is unable to associate these email
addresses with their respective accounts.
This means users whose email addresses contain the
+
sign cannot loginto their Ambassador portals via SSO. Ambassador otherwise appears to
support email addresses containing the symbol.
CGI::escape properly converts email addresses to their url encoded form,
but URI.escape leaves them as-is:
CGI::escape('abc+123@gmail.com') => "abc%2B123%40gmail.com"
URI.escape('abc+123@gmail.com') => "abc+123@gmail.com"
See these "fun" links: