Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6849

Form parameter names including '%' are not decoded properly

          Details

          • Type: Bug
          • Status: Closed
          • Priority: Major
          • Resolution: Cannot Reproduce
          • Affects Version/s: 3.1.6
          • Fix Version/s: Invalid
          • Component/s: None
          • Labels:
            None
          • Estimated Complexity:
            Unknown

            Description

            Making a POST call that has form parameter name of %25 produces a BufferUnderflowException.

            Additionally, making a POST call with a form parameter name of %25 directly followed by any character that can't represent a hexadecimal value will produce a RuntimeException stating "Invalid URL encoding: not a valid digit (radix 16): <byte value>".

            The source of these exceptions are from UrlUtils#urlDecode and UrlUtils#digit16.

            Note: %25 is the URL encoded version of %. The HTTP request send has a desired form parameter of %.

              Attachments

                Activity

                  People

                  • Assignee:
                    Unassigned
                    Reporter:
                    michael.schilling Michael Schilling
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    3 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: