Uploaded image for project: 'Spring Framework'
  1. Spring Framework
  2. SPR-9791

RestTemplate fails to correctly parse some HTTP URI parameters

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Complete
    • Affects Version/s: 3.1.2
    • Fix Version/s: 3.1.3, 3.2 RC1
    • Component/s: Web
    • Labels:
      None

      Description

      For the following (non-standard but not prohibited) usage of parameters in an URI:
      `http://localhost:8080/rest-sec/api/privilege?q=name=value`
      Where the parameter should be (and indeed, both the browser as well as other libraries to parse it correctly like this):
      name = `q`
      value = `name=jDiedXRD`

      Instead of identifying the one parameter, `RestTemplate` incorrectly identifies two:
      `q=name`
      `value=null`
      This happens regardless of the fact that there isn't even a `&` delimiter in the entire URI.

      This is because HttpUrlTemplate is used to parse the URI into `UriComponents`:
      `UriComponentsBuilder.fromUriString(uriTemplate).build();`
      This essentially fails to properly break out the parameter the regex.

      Note: escaping the `=` character before using the template doesn't work either - the template escapes the entire URI again - which results in an invalid URI)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rstoya05-aop Rossen Stoyanchev
                Reporter:
                eugenparaschiv Eugen Paraschiv
                Last updater:
                Chris Beams
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  5 years, 31 weeks, 5 days ago