Ampersands in POST data parses as Query String Separator
Reported by Matt Todd | July 24th, 2008 @ 05:27 PM | in Release 0.5.2
This can be reproduced with the following code:
class Foos < Application
def bar
self.logger.debug params.inspect
ok
end
Then call:
client.post('/foos/bar', :key => "value&value2")
The interesting log part will reveal:
{:action => 'bar', :controller => 'foos', :key => 'value', :value2 => nil}
Ick.
Comments and changes to this ticket
-
Matt Todd July 24th, 2008 @ 06:10 PM
- State changed from “new” to “resolved”
(from [206f65f37c43869d5ff97cab58c626079ef62a63]) Fixed bug with questionable characters being POSTed and mangled when parsed due to not being escaped. Includes new tests and additional testing actions for generated apps (for testing the client). [#57 state:resolved]
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Matt Todd