This repository has been archived by the owner on Feb 25, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
escape or don't use __ow_path
to pass external resource url
#11
Comments
__ow_path
to pass external resource url__ow_path
to pass external resource url
I'd like to keep the change backwards-compatible. This means we could make suggestion B work easily, suggestion A would be a bit harder, but I think we can check for Given that we use this approach in |
I think keeping it backward compatible doesn't gain much and only complicates the checks. |
tripodsan
added a commit
that referenced
this issue
Jun 9, 2020
tripodsan
added a commit
that referenced
this issue
Jun 9, 2020
🎉 This issue has been resolved in version 1.6.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
this action receives the external resource URL as unescaped path suffix via the
__ow_path
parameter. this has the drawback, that the query parameters of the resource URL bleed into the action parameters. this makes it volatile to changes in the resource URL, since eachextractor
needs to anticipate the potential query parameters needed. also, it prevents using query params for real action params.also see:
Suggestion A
The minimal change that could be done is to url-escape the external resource.
so instead of:
we'd use:
Suggestion B
an alternative approach is not to use the
__ow_path
but a normal action parameter, eg:The text was updated successfully, but these errors were encountered: