Details
-
Improvement
-
Status: Open
-
Major
-
Resolution: Unresolved
-
0.13.0
-
None
-
None
-
all
Description
KNOX-791 - which tries to address the escaping issues have caused some issues in some cases where we need to decode "&" to "&" like in output rewrites of query parameters
An improvement proposal to introduce a rule decode attribute to set decoding behavior.
Default is no decoding.
This allows to turn this “on” for a specific rule.
Before KNOX-791 "&" used to be decoded to "&" during html parsing.
The issue is that in OUT rewrite rule we will not able to match the query string.
Example:
given html
<a href=http://foo:99/test/&q=bar”>test</a>
rule:
<rule dir="OUT" name="test" pattern="("{scheme}://{host}:{port}/test/?{*}"> <rewrite template="("http://newtest/test/?{*}?{scheme}?{host}?{port}"/> </rule>
This rule above will not work since the “& amp;“ will not be matched.
The proposed change is:
<rule dir="OUT" name="test" decode="true" pattern="("{scheme}://{host}:{port}/test/?{*}"> <rewrite template="("http://newtest/test/?{*}?{scheme}?{host}?{port}"/> </rule>
This will overwrite the default behavior and decode the the &
The following test illustrates the issue of what we would like
to solve.
@Test public void testAmpRewrite() throws Exception { URI goodUri, badUri, outputUri; Matcher<Void> matcher; Matcher<Void>.Match match; Template input, pattern, template; badUri = new URI( "http://foo:99/test/&q=bar"); // we should be able to match goodUri = new URI( "http://foo:99/test/?q=bar"); input = Parser.parseLiteral(goodUri.toString()); pattern = Parser.parseTemplate("{scheme}://{host}:{port}/test/?{*}"); template = Parser.parseTemplate("http://newtest/test/?{*}?{scheme}?{host}?{port}"); // Match query string String expectedUri = "http://newtest/test/?scheme=http&host=foo&port=99&q=bar"; matcher = new Matcher<Void>(); matcher.add(pattern, null); match = matcher.match(input); assertNotNull( match ); outputUri = Expander.expand(template, match.getParams(), null); assertEquals("Not matched", expectedUri, outputUri.toString()); // no match of query string ? input = Parser.parseLiteral(badUri.toString()); match = matcher.match(input); assertNull( match); }