-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Component name search over endpoint with prefix ++ is returning an empty list #2042
Comments
Came across a similar issue with packages containig "/" but the other way round. Seems the mentioned merge request ( #2043 ) allows searching without encoding but now breaks encoded search strings due to the poor parsing of the query string. There is possibly a better solution to support unencoded parameters. The new "parseQueryString" method looks very unsafe and could possibly break in many possible ways and also could also be a security risk ? The "official" SW360 client implementation DOES urlencode the parameters and is now broken for package names with special chars. |
Maybe the original bug request is just invalid. "+" sign is a special char in URLs, so this should propably be fixed on client side with proper URL encoding |
@JSurf, Thank you for your detail analysis, Could you please create an issue for the same may be with an example to reproduce and tag the changes/PR those are causing this bug you faced. |
Description
Component name search over endpoint with prefix ++ is returning an empty list
How to reproduce
Search for any component with name such as 'Angular++' over the rest endpoint
The text was updated successfully, but these errors were encountered: