New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exception when JSON body contains % #237
Comments
@Jammjammjamm Sorry but there is nothing that we can do. Steps to isolate the problem in an IRb session: irb(main):001:0> ::Rack::Utils.parse_nested_query(%({"foo": "%"}))
/Users/jodosha/.rubies/ruby-3.1.0/lib/ruby/3.1.0/uri/common.rb:341:in `decode_www_form_component': invalid %-encoding ({"foo": "%"}) (Rack::QueryParser::InvalidParameterError)
# ... |
@Jammjammjamm About the format of the spec above, I suggest to use proper Rack tooling to build your app: # frozen_string_literal: true
require "hanami/middleware/body_parser"
require "hanami/router"
require "rack/builder"
require "rack/test"
require "json"
RSpec.describe "routing wildcard behavior" do
include Rack::Test::Methods
let(:app) do
r = router
Rack::Builder.new do
use Hanami::Middleware::BodyParser, :json
run r
end
end
let(:router) do
Hanami::Router.new do
post "/abc", to: ->(_env) { [200, {}, ["resources/:id"]] }
end
end
it "responds to /abc" do
post "/abc", JSON.generate("foo" => "%"), "CONTENT_TYPE" => "application/json"
expect(last_response.status).to eq(200)
end
end |
I don't think this is a rack problem. The documentation for
This completely breaks non-form-encoded requests and seems like a critical bug. |
@Jammjammjamm thanks for pointing this out. Can you reopen the issue? |
It doesn't look like I have permission to reopen issues. |
@Jammjammjamm @wuarmin Could you please try with the patch here? #240 |
That seems to have resolved the issue for us. |
One of our users reported an error which occurred when they were submitting an AJAX-based form. After some investigation, we discovered that the error was caused by the
%
character in the JSON body of the POST.Here's a basic spec to demonstrate, it occurs with or without the json body parser:
The result:
Stack trace:
The text was updated successfully, but these errors were encountered: