Skip to content
This repository
Browse code

Ticket #2295 - Tolerate consecutive delimiters in query parameters

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2375 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
commit 17d2732b1cc50fd97685417080beb72d00609daf 1 parent 0c23f06
Jeremy Kemper jeremy authored
2  actionpack/CHANGELOG
... ... @@ -1,5 +1,7 @@
1 1 *SVN*
2 2
  3 +* Tolerate consecutive delimiters in query parameters. #2295 [darashi@gmail.com]
  4 +
3 5 * Streamline render process, code cleaning. Closes #2294. [skae]
4 6
5 7 * Keep flash after components are rendered. #2291 [Rick Olson, Scott]
3  actionpack/lib/action_controller/cgi_ext/cgi_methods.rb
@@ -11,6 +11,9 @@ def CGIMethods.parse_query_parameters(query_string)
11 11 parsed_params = {}
12 12
13 13 query_string.split(/[&;]/).each { |p|
  14 + # Ignore repeated delimiters.
  15 + next if p.empty?
  16 +
14 17 k, v = p.split('=',2)
15 18 v = nil if (v && v.empty?)
16 19
11 actionpack/test/controller/cgi_test.rb
@@ -14,6 +14,8 @@ def setup
14 14 "action=update_order&full_name=Lau%20Taarnskov&products=4&products=2&products=3"
15 15 @query_string_with_many_equal = "action=create_customer&full_name=abc=def=ghi"
16 16 @query_string_without_equal = "action"
  17 + @query_string_with_many_ampersands =
  18 + "&action=create_customer&&&full_name=David%20Heinemeier%20Hansson"
17 19 end
18 20
19 21 def test_query_string
@@ -66,7 +68,14 @@ def test_query_string_without_equal
66 68 CGIMethods.parse_query_parameters(@query_string_without_equal)
67 69 )
68 70 end
69   -
  71 +
  72 + def test_query_string_with_many_ampersands
  73 + assert_equal(
  74 + { "action" => "create_customer", "full_name" => "David Heinemeier Hansson"},
  75 + CGIMethods.parse_query_parameters(@query_string_with_many_ampersands)
  76 + )
  77 + end
  78 +
70 79 def test_parse_params
71 80 input = {
72 81 "customers[boston][first][name]" => [ "David" ],

0 comments on commit 17d2732

Please sign in to comment.
Something went wrong with that request. Please try again.