Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

UriComponentsBuilder does not encode "$" properly [SPR-17168] #21704

Closed
spring-projects-issues opened this issue Aug 12, 2018 · 1 comment
Closed
Assignees
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) type: bug A general bug
Milestone

Comments

@spring-projects-issues
Copy link
Collaborator

spring-projects-issues commented Aug 12, 2018

Andras Tornai opened SPR-17168 and commented

 

@Test
public void encodeAndExpandDollarSignParameter() {
   UriComponents uri = UriComponentsBuilder
         .fromPath("/whatever").queryParam("q", "{value}").encode().build()
         .expand("JavaClass$1.class");

   assertEquals("/whatever?q=JavaClass%241.class", uri.toString());
}

Expected :/whatever?q=JavaClass%241.class
Actual :/whatever?q=JavaClass%5C%241.class

Thus on server side the JavaClass$1.class value becomes JavaClass$1.class

I made some investigation and this extra \ is there because of this statement: d81ec55#diff-07a4953c743ebcffceaf745f59544ac7R266%C2%A0- maybe it helps

Do I use UriComponentsBuilder incorrectly?


Affects: 5.0.8

Referenced from: commits 99f0129, f23496a

@spring-projects-issues
Copy link
Collaborator Author

spring-projects-issues commented Aug 13, 2018

Rossen Stoyanchev commented

Indeed it looks like we overlooked the effect of quoteReplacement as part of the changes for stricter encoding in #21577. As a workaround you can encode the URI variable values externally via UriUtils#encodeUriVariables:

Map<String, String> vars = Collections.singletonMap("value", "JavaClass$1.class");
Map<String, String> encodedVars = UriUtils.encodeUriVariables(vars);

UriComponents uri = UriComponentsBuilder
		.fromPath("/whatever").queryParam("q", "{value}").build()
		.expand(encodedVars);

assertEquals("/whatever?q=JavaClass%241.class", uri.toString());

@spring-projects-issues spring-projects-issues added type: bug A general bug in: web Issues in web modules (web, webmvc, webflux, websocket) labels Jan 11, 2019
@spring-projects-issues spring-projects-issues added this to the 5.0.9 milestone Jan 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) type: bug A general bug
Projects
None yet
Development

No branches or pull requests

2 participants