Escape a Little Less#449
Escape a Little Less#449normj merged 2 commits intoaws:masterfrom chrisoverzero:feature/escape-a-little-less
Conversation
This matches other implementations better, and allows path parameters containing '%2F' (or '%2f', natch) to be routed correctly by ASP.NET Core. Fixes #440
- Corrects Spelling of Internal Method Name
- Uses `StringBuilder`'s `Append` Method More Efficiently
- This is an attempt to pay back some string-manipulation tax paid
in the feature commit of this PR.
- Restores Lost Chainable Contructors of
`ApiGatewayProxyFunction<TStartup>`
- Bug and fix written by the same developer.
Fixes #440
|
Thanks for the PR. Would you mind providing some example resource paths to the conversation? I'll add some test cases. |
|
Oh, yes. Of course. Given the routes:
…in a
(Doing this from memory on a tablet, so please forgive minor errors.) |
|
I was trying those resource paths using on a regular ASP.NET Core running on Kestrel and I'm seeing the results go into |
|
I can't recreate your results. From a fresh [Route("api/[controller]"), ApiController]
public class ValuesController : ControllerBase
{
[HttpGet("{first}/{second}", Name = "Multi")]
public ActionResult Multi(string first, string second) => Ok(new { first, second });
[HttpGet("{only}", Name = "Single")]
public ActionResult Single(string only) => Ok(new { only });
}I get this: cosborn@DEVCOSBORN1 MINGW64 /d/vp/routing-test
$ curl -sS 'http://localhost:5000/api/values/a/b'
{"first":"a","second":"b"}
cosborn@DEVCOSBORN1 MINGW64 /d/vp/routing-test
$ curl -sS 'http://localhost:5000/api/values/a%2Fb'
{"only":"a%2Fb"}Gimme a few, and I'll get this into a |
|
I figured out why I wasn't seeing the same behavior as you. If you run the ASP.NET Core behind IIS Express you get different behavior then just running it standalone through kestrel. |
|
This has been merged into the dev branch 0965c3b I'll chime back here when the change is released. |
|
Version 3.0.4 is released with this PR. Thanks for the PR! |
2 participants
Issue Number
#440
Description of Changes
Double-escapes '%2F' so that it survives unescaping by
WebUtility.UrlDecode. This matches other implementations better, and allows path parameters containing '%2F' (or '%2f', natch) to be routed correctly by ASP.NET Core. If someone suggests a smarter solution, I'll accept it happily. (Also some smaller changes, hopefully uncontroversial, all in a separate commit.)License Acceptance
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. ✔️