Keep encoded plus signs in query parameters intact#3448
Keep encoded plus signs in query parameters intact#3448dvag-yannick-reifschneider wants to merge 1 commit intospring-cloud:mainfrom
Conversation
|
I ran into the same issue, I hope this can be merged soon and available in the next release. |
| @Override | ||
| public ServerResponse handle(ServerRequest serverRequest) { | ||
| URI uri = uriResolver.apply(serverRequest); | ||
| boolean encoded = containsEncodedQuery(serverRequest.uri(), serverRequest.params()); |
There was a problem hiding this comment.
Why is this check being removed? Can we assume URI is always encoded?
There was a problem hiding this comment.
I am not sure why this check was added in the first place. In my opinion, spring-cloud-gateway should not encode or decode parameters or URI parts, but leave them untouched. A similar change is also proposed in https://github.com/spring-cloud/spring-cloud-gateway/pull/3437/files
There was a problem hiding this comment.
I think the intent may be if the incoming URI is already encoded, keep the encoding...otherwise don't. Not working that way though, I'm seeing the request is decoded by the time it reaches the backend.
The key is handling replaceQueryParms piece below, may be we need to encode the request parms if the request is already encoded ?
something like
boolean encoded = containsEncodedQuery(serverRequest.uri(), serverRequest.params());
var parms = serverRequest.params();;
if(encoded) {
//pseudo code
parms = encode(serverRequest.params());
}
URI url = UriComponentsBuilder.fromUri(serverRequest.uri())
.scheme(uri.getScheme())
.host(uri.getHost())
.port(uri.getPort())
.replaceQueryParams(parms))
.build(encoded)
.toUri();
| .scheme(uri.getScheme()) | ||
| .host(uri.getHost()) | ||
| .port(uri.getPort()) | ||
| .replaceQueryParams(serverRequest.params()) |
There was a problem hiding this comment.
if you add/change some query params in pre filters they will not be added to request I guess
There was a problem hiding this comment.
Good catch, I assumed query params were already included in serverRequest.uri(). I think this needs an additional integration test.
There was a problem hiding this comment.
I've been trying to fix this issue in our project aswell, and what I find to be working best is this
URI url = UriComponentsBuilder.fromUri(serverRequest.uri())
.scheme(uri.getScheme())
.host(uri.getHost())
.port(uri.getPort())
.replaceQueryParams(serverRequest.params())
.encode()
.build()
.toUri();It solves all cases we have found so far.
|
This issue is closely related to #2065 which has been open for a while now. |
|
Hi @dvag-yannick-reifschneider are you willing to update this PR based on the feedback? If so could you make the PR against the 4.1.x branch? |
6 participants
This change keeps encoded + sign intact in query parameters. Otherwise the plus sign gets decoded and is then interpreted as space character.