Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

url: parse, replace % not part of urlencoded character #7236

Closed
wants to merge 1 commit into from

3 participants

@Swaagie

Check if % characters are part of an urlencoded char if not replace to prevent malformed uri errors from being thrown, fixes #7234

Will add tests in subsequent commit.

@Swaagie Swaagie [minor] check if % characters are part of an urlencoded char if not r…
…eplace to prevent malformed uri errors from being thrown
2edcc7b
@Nodejs-Jenkins

Thank you for contributing this pull request! Here are a few pointers to make sure your submission will be considered for inclusion.

Commit Swaagie/node@2edcc7b has the following error(s):

  • First line of commit message must be no longer than 50 characters
  • Commit message must indicate the subsystem this commit changes

The following commiters were not found in the CLA:

  • Swaagie

You can fix all these things without opening another issue.

Please see CONTRIBUTING.md for more information

@indutny
Owner

See my reply on the issue.

@indutny indutny closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 4, 2014
  1. @Swaagie

    [minor] check if % characters are part of an urlencoded char if not r…

    Swaagie authored
    …eplace to prevent malformed uri errors from being thrown
This page is out of date. Refresh to see the latest.
Showing with 5 additions and 0 deletions.
  1. +5 −0 lib/url.js
View
5 lib/url.js
@@ -176,6 +176,11 @@ Url.prototype.parse = function(url, parseQueryString, slashesDenoteHost) {
if (atSign !== -1) {
auth = rest.slice(0, atSign);
rest = rest.slice(atSign + 1);
+
+ // Before decoding find % that are not part of encoded characters,
+ // and replace these with encoded %25 otherwise decodeURIComponent
+ // might throw a malformed URI error.
+ auth = auth.replace(/%(?![0-9a-f]{2})/ig, '%25');
this.auth = decodeURIComponent(auth);
}
Something went wrong with that request. Please try again.