diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2015-04-05 23:38:19 -0300 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2015-06-17 11:55:59 -0700 |
commit | 75c65fbb3b4a907ef3ebf5e97d0270918607a357 (patch) | |
tree | 0b9edcf4d5b0f18bcc215442e5b572311607975c | |
parent | b515722c2c1506274c5a862c4d6a2bbc079296e6 (diff) | |
download | rack-75c65fbb3b4a907ef3ebf5e97d0270918607a357.tar.gz |
Merge pull request #781 from Nyoho/fix-separator-semicolon-GET
Fix semicolons as separators for GET
-rw-r--r-- | lib/rack/request.rb | 8 | ||||
-rw-r--r-- | test/spec_request.rb | 23 |
2 files changed, 21 insertions, 10 deletions
diff --git a/lib/rack/request.rb b/lib/rack/request.rb index e6e46e9d..d02a1f36 100644 --- a/lib/rack/request.rb +++ b/lib/rack/request.rb @@ -188,7 +188,7 @@ module Rack if @env["rack.request.query_string"] == query_string @env["rack.request.query_hash"] else - p = parse_query(query_string) + p = parse_query(query_string, '&;') @env["rack.request.query_string"] = query_string @env["rack.request.query_hash"] = p end @@ -212,7 +212,7 @@ module Rack form_vars.slice!(-1) if form_vars[-1] == ?\0 @env["rack.request.form_vars"] = form_vars - @env["rack.request.form_hash"] = parse_query(form_vars) + @env["rack.request.form_hash"] = parse_query(form_vars, '&') @env["rack.input"].rewind end @@ -365,8 +365,8 @@ module Rack ip_addresses.reject { |ip| trusted_proxy?(ip) } end - def parse_query(qs) - Utils.parse_nested_query(qs, '&') + def parse_query(qs, d) + Utils.parse_nested_query(qs, d) end def parse_multipart(env) diff --git a/test/spec_request.rb b/test/spec_request.rb index 6f379a0b..e714af4c 100644 --- a/test/spec_request.rb +++ b/test/spec_request.rb @@ -134,14 +134,25 @@ describe Rack::Request do req.params.should.equal "foo" => "bar", "quux" => "bla" end - should "not truncate query strings containing semi-colons #543" do - req = Rack::Request.new(Rack::MockRequest.env_for("/?foo=bar&quux=b;la")) - req.query_string.should.equal "foo=bar&quux=b;la" - req.GET.should.equal "foo" => "bar", "quux" => "b;la" - req.POST.should.be.empty - req.params.should.equal "foo" => "bar", "quux" => "b;la" + should "not truncate query strings containing semi-colons #543 only in POST" do + mr = Rack::MockRequest.env_for("/", + "REQUEST_METHOD" => 'POST', + :input => "foo=bar&quux=b;la") + req = Rack::Request.new mr + req.query_string.should.equal "" + req.GET.should.be.empty + req.POST.should.equal "foo" => "bar", "quux" => "b;la" + req.params.should.equal req.GET.merge(req.POST) end + should "use semi-colons as separators for query strings in GET" do + req = Rack::Request.new(Rack::MockRequest.env_for("/?foo=bar&quux=b;la;wun=duh")) + req.query_string.should.equal "foo=bar&quux=b;la;wun=duh" + req.GET.should.equal "foo" => "bar", "quux" => "b", "la" => nil, "wun" => "duh" + req.POST.should.be.empty + req.params.should.equal "foo" => "bar", "quux" => "b", "la" => nil, "wun" => "duh" + end + should "limit the keys from the GET query string" do env = Rack::MockRequest.env_for("/?foo=bar") |