Skip Menu |
 

This queue is for tickets about the HTTP-Message CPAN distribution.

Report information
The Basics
Id: 106237
Status: resolved
Priority: 0/
Queue: HTTP-Message

People
Owner: Nobody in particular
Requestors: DCPETROV [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 6.10
Fixed in: (no value)



Subject: URI params are not escaped correctly
MIME-Version: 1.0
X-Mailer: MIME-tools 5.504 (Entity 5.504)
Content-Disposition: inline
X-RT-Interface: Web
Message-ID: <rt-4.0.18-14536-1438635402-1220.0-0-0 [...] rt.cpan.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
X-RT-Encrypt: 0
X-RT-Sign: 0
Content-Length: 416
Download (untitled) / with headers
text/plain 416b
I have simple script which passes something like: #!/usr/bin/env perl use strict; use warnings; use HTTP::Request::Common qw/GET POST DELETE/; use Data::Dumper; my $req = GET 'http://localhost/events?search={"basetag":{"-like":"%devAAAAAAAA%"}}'; warn Dumper( $req->uri->query_form ); Result: $VAR1 = 'search'; $VAR2 = '{"basetag":{"-like":"�vAAAAAAAA%"}}'; It seems like the params are not escaped correctly.
MIME-Version: 1.0
In-Reply-To: <rt-4.0.18-14536-1438635402-1220.0-0-0 [...] rt.cpan.org>
X-Mailer: MIME-tools 5.504 (Entity 5.504)
Content-Disposition: inline
X-RT-Interface: Web
References: <rt-4.0.18-14536-1438635402-1220.0-0-0 [...] rt.cpan.org>
Content-Type: text/plain; charset="utf-8"
Message-ID: <rt-4.0.18-13519-1438721805-352.106237-0-0 [...] rt.cpan.org>
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
X-RT-Encrypt: 0
X-RT-Sign: 0
Content-Length: 921
Download (untitled) / with headers
text/plain 921b
On 2015-08-03 16:56:42, DCPETROV wrote: Show quoted text
> I have simple script which passes something like: > > #!/usr/bin/env perl > use strict; > use warnings; > use HTTP::Request::Common qw/GET POST DELETE/; > use Data::Dumper; > > my $req = GET 'http://localhost/events?search={"basetag":{"- > like":"%devAAAAAAAA%"}}'; > > warn Dumper( $req->uri->query_form ); > > Result: > $VAR1 = 'search'; > $VAR2 = '{"basetag":{"-like":"�vAAAAAAAA%"}}'; > > It seems like the params are not escaped correctly.
I think it's not the job of HTTP::* to escape something here. After all, the user maybe wanted to use the "%de" escape deliberately. If you want to escape, then you should use a module like URI::QueryParam: my $u = URI->new('http://localhost/events'); $u->query_param('search', '{"basetag":{"-like":"%devAAAAAAAA%"}}'); warn Dumper($u->query_form); Result $VAR1 = 'search'; $VAR2 = '{"basetag":{"-like":"%devAAAAAAAA%"}}';
X-RT-Interface: REST
MIME-Version: 1.0
X-Mailer: MIME-tools 5.504 (Entity 5.504)
RT-Message-ID: <rt-4.0.18-24622-1490922102-1084.106237-0-0 [...] rt.cpan.org>
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: binary
Content-Length: 82


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.