You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Freeman Yue Fang (Jira)" <ji...@apache.org> on 2021/06/15 18:49:00 UTC

[jira] [Commented] (CXF-8553) UriBuilder does not properly encode query parameters

    [ https://issues.apache.org/jira/browse/CXF-8553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17363850#comment-17363850 ] 

Freeman Yue Fang commented on CXF-8553:
---------------------------------------

Hi [~nlenoire],

Thanks for raising this up, but  I believe this is the expected behaviour of CXF.

Your queryParam is "%250%", here "%25" may represent an encoded string for "%", also "%25" can represent a non-encoded "%" + "25", but CXF can't determine which case exactly is. So in CXF it just take one, in 
org.apache.cxf.jaxrs.utils.HttpUtils, the encodePartiallyEncoded method, it won't encode the string matching pattern
      "percent char followed by two hexadecimal digits". (%25 is in this case)
{code}
/**
     * Encodes partially encoded string. Encode all values but those matching pattern
     * "percent char followed by two hexadecimal digits".
     *
     * @param encoded fully or partially encoded string.
     * @return fully encoded string
     */
    public static String encodePartiallyEncoded(String encoded, boolean query) {
        if (encoded.length() == 0) {
            return encoded;
        }
        Matcher m = ENCODE_PATTERN.matcher(encoded);
.....
{code}

So I think the queryParam in your case should be "%25250%" to avoid ambiguity for CXF.

Best Regards
Freeman

> UriBuilder does not properly encode query parameters
> ----------------------------------------------------
>
>                 Key: CXF-8553
>                 URL: https://issues.apache.org/jira/browse/CXF-8553
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 3.4.3
>            Reporter: Nicolas Lenoire
>            Assignee: Freeman Yue Fang
>            Priority: Major
>
> The JAXRS specification seems unclear regarding how the method
> {code:java}
> UriBuilder.queryParam(String name, Object… values){code}
> treats values w/ URL encoding. However, we could legitimately assume this method properly URL encodes parameter values.
> CXF implementation URL encodes values, but with some defects:
> invoking
> {code:java}UriBuilder.fromUri("my/path").queryParam("p", "%250%").toTemplate(){code}
> produces the URI template
> {code:java}
> my/path?p=%250%25 {code}
> instead of
> {code:java}
> my/path?p=%25250%25{code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)