-
Notifications
You must be signed in to change notification settings - Fork 349
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Slash in key lookup breaks URI parser #735
Comments
This seems like it is by design, Mike Pizzo to verify. The comment is actually what appears to be wrong - the slash in the key should be URL encoded, i.e. /Customers('abc%2Fpqr'). |
Forward slashes within the URL (including within a quoted key value) MUST be URL-encoded. The spec includes, as an example of an invalid URL: And calls out the correct format: |
@mikepizzo |
@flieks; can you clarify what version of the libraries you are using? Can you provide a simple repo? |
@mikepizzo we are using Microsoft.AspNetCore.OData (7.0.1) our startup code:
the controller:
it's coming inside DefaultImage when doing |
can confirm it is still not working
|
I confirm that the issue still reproduces on 7.8.3 URI Parser breaks with this error: Bad Request - Error in query syntax |
Until this bug is fixed, I am using this syntax to call my function:
|
I have modified UriPathParser.cs for Framework 4x Theory is reencode the slashes that are between single quotes and then split on the remaining slashes. I've removed: And added: numberOfSegmentsToSkip = serviceBaseUri.AbsolutePath.Split('/').Length - 1;
So far testing is good |
On Microsoft.AspNetCore.App 3.1.28 and Microsoft.AspNetCore.OData 8.0.9, tested: C# parameter: What I got in the title parameter in C# (replacing @ with @ to avoid markdown misinterpretation): This means: 1. Route matching works as expected; 2. Except %2F, all other escape sequences are unescaped. But I still think, for application programmers, it would be nice to have all characters unescaped in the parameter. Otherwise, there is no perfect way to only unescape %2f. For example, if I replace all %2f with /, then if the source URL has %252F, then it would appear as %2f in the parameter as well, but it apparently should not be unescaped, because the percent sign is a literal character. |
In the file odata.net/src/Microsoft.OData.Core/UriParser/Parsers/UriPathParser.cs,
I see the following comment -
// COMPAT 29: Slash in key lookup breaks URI parser
// TODO: The code below has a bug that / in the named values will be considered a segment separator
// so for example /Customers('abc/pqr') is treated as two segments, which is wrong.
I just wanted to check when this issue will be fixed.
The text was updated successfully, but these errors were encountered: