-
Notifications
You must be signed in to change notification settings - Fork 475
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Special characters in request parameters not fully encoded when generating links from controller methods #1485
Comments
It looks like another case of this issue was reported against Spring Boot: spring-projects/spring-framework#27078 |
Any update on this ?. It causes no clean upgrade path from previous versions. |
This seems to be slightly more tricky than anticipated. We're using Spring Framework's |
I wonder whether the original expectation is actually correct. |
Since “+” is effectively a reserved word in URIs, it needs to be encoded. Or else it will be misprocessed. But we may need to encode not at the quert parameter level. Maybe the whole thing? Maybe we need to spot the usage of “+” on a parameter and do this. Can we spot when to decode a whole URI? |
I don't think we (as in "the Spring HATEOAS codebase") should do anything about encoding in particular, except using Spring Framework APIs. Let's wait for the team discussion for now. |
We now use the encoding rules defined in RFC 6570 (URI templates, API introduced in #1583) to prepare request parameters added to the URIs rendered.
This should be fixed in the latest 1.4 snapshots. Note that we now fully encode the request parameters according to URI template RFC rules, which means that not only the plus gets encoded but also the colon. |
We now use the encoding rules defined in RFC 6570 (URI templates, API introduced in #1583) to prepare request parameters added to the URIs rendered.
Hello,
when generating Links with WebMvcLinkBuilder containing OffsetDateTime the date does not get transformed correctly resulting in a malfunctioning link.
Example:
Passing an OffsetDateTime like
2020-01-01T14:00:00.000+01:00
results in:https://myurl.com/service?date=2020-01-01T14:00:00.000+01:00
where the "+" before the offset gets interpreted by the browser as a space " " instead of:
https://myurl.com/service?date=2020-01-01T14:00:00.000%2b01:00
.Setup:
Links are generated with spring-boot-starter-hateoas in version 2.4.3 without custom config.
Example:
Is this expected behavior or in fact a bug?
Thank you.
The text was updated successfully, but these errors were encountered: