Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1995

Percent-encoded ampersand in URI path not preserved

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: 4.5.8, 4.5.9
    • Fix Version/s: None
    • Component/s: HttpClient (classic)
    • Labels:
      None
    • Environment:
      Linux Mint 19, OpenJDK 8

      Description

      Starting with HttpClient 4.5.8, percent-encoded ampersand characters in URI path segments are not preserved any longer but written in decoded form to wire due to path normalization performed by URIUtils.rewriteURI(URI, HttpHost).

       

      According to RFC 3986 (page 11+), the ampersand character is a delimiter and thus needs to be percent-encoded when not used for this purpose. Path normalization, as performed by HttpClient v4.5.8+, creates a new URI that is not equivalent to the original URI and thus leads to misinterpretation on server/receiver side.

      URIs that differ in the replacement of a reserved character with its
      corresponding percent-encoded octet are not equivalent. Percent-
      encoding a reserved character, or decoding a percent-encoded octet
      that corresponds to a reserved character, will change how the URI is
      interpreted by most applications.
       

      A very simple test case is as follows:

      @Test
      public void testAmpersand() throws Throwable
      {
          final URI uri = new URI("http://example.org/some/path%26with%20percent/encoded/segments");
          final URI uri2 = URIUtils.rewriteURI(uri, null);
              
          Assert.assertEquals(uri, uri2);
      }
      

       

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                none_ none_
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: