Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Passing a string that contains a semi-colon doesn't properly get encoded #9224
https://github.com/angular/angular.js/blob/master/src/Angular.js#L1128 the comment explains why, but if it breaks rails, hmm --- maybe an option around this would be good
My workaround was to stop sending my JSON data as a param.
I must say that I tend to agree with @DanielHeath here. The way I read this comment from rfc3986 is that
In the mentioned RFC we can read (2.2):
So much for the spec... Then, when we look at what is going on "in the wild" we can easily see that there are multiple
We are not the only ones struggling with the spec / reality interpretation here, ex.:
To sum up: we are in the grey area here.... The spec seem to suggest that we should %-encode all the
Coming back to the issue at hand: we could %-encode
Putting as 1.4 suggestion.
Yeh, this is definitively grey area. And spec really make this open to interpretation... This is one more reason for me to push for a dedicated service that is responsible for request params serialisation - it would be much easier to test / configure this as a separate service.
I work with a platform that has a (partial) implementation of Matrix URIs.
Admittedly, Matrix URIs never became a standard, and are not in widespread use. However, there are definitely existing implementations that rely on unescaped semicolons being in the
IMO, there's enough precedent to make me apprehensive about automatically escaping semicolons in any URI component. If a developer is interacting with an idiosyncratic server implementation, it seems to make the most sense to fix the server, or write an interceptor to "sanitize" URLs before they are sent to the server.
@bobber205's issue is a very specific and isolated use case: Putting semicolons inside of a single query parameter value. In this exact situation (and only this situation), I actually think that it is appropriate to escape semicolons, as server implementations might misinterpret an unescaped semicolon as a delimiter.