Uploaded image for project: '[Read Only] - Hippo Site Toolkit 2'
  1. [Read Only] - Hippo Site Toolkit 2
  2. HSTTWO-4136

[Back-port to 3.2] - Non-ASCII URL parameter names are not encoded/decoded correctly

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • High
    • Resolution: Fixed
    • None
    • 3.2.9
    • None
    • None
    • Flagged
    • Platform165: pre-GA

    Description

      HstRequestUtils contains a method parseQueryString(javax.servlet.http.HttpServletRequest).

      We have a queryString. We split this on "&" and we split the results on "=". So then we have a (possibly multiple) String[] with 2 values. These values are the name and value of the parameter. Now the code puts the key into a map with a null value. Then it attempts to get the value from the request object to add it to the key we had previously. It doesn't make sense to me as the value was available when the key was put in the map.

                  for (String paramPair : paramPairs) {
                      String[] paramNameAndValue = paramPair.split("=");
      
                      if (paramNameAndValue.length > 0) {
                          queryParamMap.put(paramNameAndValue[0], null);
                      }
                  }
      
                  for (Map.Entry<String, String []> entry : queryParamMap.entrySet()) {
                      entry.setValue(request.getParameterValues(entry.getKey()));
                  }
      

      entry.getKey() is not the same as the key in the request object. entry.getKey() is UTF-8 encoded. But the same value in request is UTF-16 encoded. So not the same. This is most likely because Java internally uses UTF-16 but the request is UTF-8

      This leads to parameters being missing from the render url.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              oscholten Oscar Scholten (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: