hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacob L E Blain Christen (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HTTPCLIENT-1192) URIBuilder encodes query parameters twice
Date Fri, 25 May 2012 19:36:23 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1192?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13283701#comment-13283701
] 

Jacob L E Blain Christen edited comment on HTTPCLIENT-1192 at 5/25/12 7:36 PM:
-------------------------------------------------------------------------------

Snippets to demonstrate the problem:

/* works correctly: notice how the redirect_uri value is encoded properly */
URI.create("https://some.awesome-service.com/oauth/token"
    + "?client_id=" + URLEncoder.encode("1234567890","UTF-8")
    + "&client_secret=" + URLEncoder.encode("abcdefghijklmnopqrstuvwxyz","UTF-8")
    + "&code=" + URLEncoder.encode("kjhbdafoiuhw9p78hfibsdklvjbnkjsldvkljncdkjnsadklvjnsalkjdfn","UTF-8")
    + "&redirect_uri=" + URLEncoder.encode("https://localhost/oauth_callback","UTF-8")
).toString()
// https://some.awesome-service.com/oauth/token?client_id=1234567890&client_secret=abcdefghijklmnopqrstuvwxyz&code=kjhbdafoiuhw9p78hfibsdklvjbnkjsldvkljncdkjnsadklvjnsalkjdfn&redirect_uri=https%3A%2F%2Flocalhost%2Foauth_callback


/* works incorrectly: notice how the redirect_uri value is encoded twice (eg %2F becomes %252F)
*/
new URIBuilder("https://some.awesome-service.com/oauth/token")
    .addParameter("client_id","1234567890")
    .addParameter("client_secret","abcdefghijklmnopqrstuvwxyz")
    .addParameter("code","kjhbdafoiuhw9p78hfibsdklvjbnkjsldvkljncdkjnsadklvjnsalkjdfn")
    .addParameter("redirect_uri","https://localhost/oauth_callback")
.build().toString()
// https://some.awesome-service.com/oauth/token?client_id=1234567890&client_secret=abcdefghijklmnopqrstuvwxyz&code=kjhbdafoiuhw9p78hfibsdklvjbnkjsldvkljncdkjnsadklvjnsalkjdfn&redirect_uri=https%253A%252F%252Flocalhost%252Foauth_callback

                
      was (Author: dweomer):
    Snippets to demonstrate the problem:

/* works correctly: notice how the redirect_uri value is encoded properly */
URI.create("https://some.awesome-service.com/oauth/token"
    + "?client_id=" + URLEncoder.encode("1234567890","UTF-8")
    + "&client_secret=" + URLEncoder.encode("abcdefghijklmnopqrstuvwxyz","UTF-8")
    + "&code=" + URLEncoder.encode("kjhbdafoiuhw9p78hfibsdklvjbnkjsldvkljncdkjnsadklvjnsalkjdfn","UTF-8")
    + "&redirect_uri=" + URLEncoder.encode("https://localhost/oauth_callback","UTF-8")
).toString()

/* works incorrectly: notice how the redirect_uri value is encoded twice (eg %2F becomes %252F)
*/
new URIBuilder("https://some.awesome-service.com/oauth/token")
    .addParameter("client_id","1234567890")
    .addParameter("client_secret","abcdefghijklmnopqrstuvwxyz")
    .addParameter("code","kjhbdafoiuhw9p78hfibsdklvjbnkjsldvkljncdkjnsadklvjnsalkjdfn")
    .addParameter("redirect_uri","https://localhost/oauth_callback")
.build().toString()

                  
> URIBuilder encodes query parameters twice
> -----------------------------------------
>
>                 Key: HTTPCLIENT-1192
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1192
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2 Final
>         Environment: JDK 1.6
>            Reporter: Jacob L E Blain Christen
>             Fix For: 4.2.1
>
>
> The URIBuilder is using URLEncodedUtils to encode the keys/values in the query string
before passing it as an argument to a URI constructor that also encodes the query string.
> See the URI constructor description at http://docs.oracle.com/javase/6/docs/api/java/net/URI.html#URI(java.lang.String,%20java.lang.String,%20java.lang.String,%20java.lang.String,%20java.lang.String)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message