incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Muharem Hrnjadovic (JIRA)" <>
Subject [jira] Updated: (COUCHDB-883) Wrong document returned due to incorrect URL decoding
Date Sun, 12 Sep 2010 19:23:48 GMT


Muharem Hrnjadovic updated COUCHDB-883:

    Attachment: logging.diff

I added some logging statements to find out where the a+b -> a b conversion takes place
and came to realize that it happens in handle_request()  (src/couchdb/couch_httpd.erl, line
237) after the 'requested_path_parts' and 'path_parts' are mangled through couch_httpd:unquote()
which in turn calls mochiweb_util:unquote().

A quick experiment confirms that:

$ erl -pz $HOME/src/couchdb/src/mochiweb
Erlang R14A (erts-5.8) [source] [64-bit] [smp:2:2] [rq:2] [async-threads:0] [kernel-poll:false]

Eshell V5.8  (abort with ^G)
1> mochiweb_util:unquote("a+b")
1> .
"a b"

> Wrong document returned due to incorrect URL decoding
> -----------------------------------------------------
>                 Key: COUCHDB-883
>                 URL:
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>    Affects Versions: 1.0.1
>         Environment: Kubuntu 10.4, Firefox 3.6.8
>            Reporter: Taras Puchko
>         Attachments: logging.diff
> I have two documents in my database: "a b" and "a+b". The first can be retrieved via
"/mydb/a%20b" and the second via "/mydb/a%2Bb".
> When I enter "/mydb/a b" in the browser it automatically encodes it so the correct document
is returned. But when I enter "/mydb/a+b" the URL is sent intact since "+" is a valid character
in a path segment according to [1]. The problem is that "GET /mydb/a+b" makes CouchDB return
the document with id "a b" and not the intended one, which is against the URI spec .
> For an informal description of URL encoding one may refer to [2].
> [1]:
> [2]:

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message