Don't set percent encoded queries into Rack Environment's QUERY_STRING
#157
Comments
|
Thanks for the thoughtful issue report. I would be interested in gathering data on how all proxies work. Mostly focusing on REST, HTTP, and Function URLs. Sometimes it is possible they get it wrong on the raw data we have access too. I think we have a test for &[]color=blue&[]color=red too. Using that info, we can write tests, configs, changes etc. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, thanks for making a nice gem!
I noticed Lamby does not set percent encoded queries into Rack environment's
QUERY_STRINGat this here. My application receives percent decoded queries set in::Rack::QUERY_STRING. As a result, my app handles double percent decoded query parameters.For example, inputting
example.com/path?xxx=testquery%2B%3Dinto browser, then::Rack::QUERY_STRINGon Lamby is percent decode like the following:On the other hand, QUERY_STRING is like the following on Puma:
In my opinion, Lamby should sets percent encoded queries into
::Rack::QUERY_STRINGlike other rack web servers(Puma or Passenger, etc). Rack specification does not say details about QUERY_STRING. However it expects to set percent encoded queries because PATH_INFO may be percent-encoded.https://github.com/rack/rack/blob/main/SPEC.rdoc
Though this may cause breaking changes, so should also consider to provide a config to change behavior.
Environment
My porject uses Lamby with combination of AWS Lambda integrataion and API Gateway REST API.
Expected Behavior
::Rack::QUERY_STRINGapplication received is percent-encoded.Actual Behavior
::Rack::QUERY_STRINGapplication received is not percent-encoded.Steps to Reproduce
References
The text was updated successfully, but these errors were encountered: