Incorrect parsing of query string with %3D in parameter name
Reported by Nikolai Lugovoi | May 7th, 2010 @ 10:00 PM
$ irb -rubygems -rrack
irb(main):001:0> Rack::VERSION
=> [1, 1]
irb(main):002:0> Rack::Utils.parse_nested_query("a=b&pid%3D1234=1023")
=> {"pid"=>"1234=1023", "a"=>"b"}
irb(main):003:0>
what i expected, was:
irb(main):002:0> Rack::Utils.parse_nested_query("a=b&pid%3D1234=1023")
=> {"pid=1234" => "1023", "a"=>"b"}
proposed patch
diff --git a/lib/rack/utils.rb b/lib/rack/utils.rb
index f3b1a62..f69e4b6 100644
--- a/lib/rack/utils.rb
+++ b/lib/rack/utils.rb
@@ -61,7 +61,7 @@ module Rack
params = {}
(qs || '').split(d ? /[#{d}] */n : DEFAULT_SEP).each do |p|
-
k, v = unescape(p).split('=', 2) -
endk, v = p.split('=', 2).map {|x| unescape(x) } normalize_params(params, k, v)
Comments and changes to this ticket
-
raggi May 3rd, 2011 @ 07:42 AM
- State changed from “new” to “resolved”
- Milestone order changed from “0” to “0”
Fixed in 9134176
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Nikolai Lugovoi