You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Robin Brouns (JIRA)" <ji...@apache.org> on 2017/03/31 09:17:41 UTC

[jira] [Created] (SLING-6761) HTL: uri manipulator breaks query parameter encoding

Robin Brouns created SLING-6761:
-----------------------------------

             Summary: HTL: uri manipulator breaks query parameter encoding
                 Key: SLING-6761
                 URL: https://issues.apache.org/jira/browse/SLING-6761
             Project: Sling
          Issue Type: Bug
          Components: Scripting
    Affects Versions: Scripting Sightly Engine 1.0.18, Scripting Sightly Engine 1.0.2
         Environment: AEM 6.1 SP2 - CFP6
AEM 6.2
            Reporter: Robin Brouns


When I try to manipulate a href tag with HTL, and the href contains a query param with encoded percentage sign (%25), the HTL manipulator breaks the URI encoding, resulting in a invalid URI.

For example when we have a *path* property in the repository, containing the following value:

{code}
/example/search?q=6%25-10%25
{code}

and use the following HTL code:

{code}
<a href="${properties.path @ extension = 'html'}">Test with @ HTL URI manipulator</a>
<a href="${properties.path}">Test without @ HTL URI manipulator</a>
{code}

The result will be:

{code}
<a href="/example/search.html?q=6%-10%">Test with @ HTL URI manipulator</a>
<a href="/example/search?q=6%25-10%25">Test without @ HTL URI manipulator</a>
{code}

So the HTL URI manipulation removes the %25 encoding and replaces it with a single percentage sign. Without manipulation the encoding is preserved. Same holds for other HTL uri manipulators like  *@ prependPath*

Other signs like *%3A* aren't affected.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)