From 90538a3b4610ba49ce16c997bcfdb9101f9503be Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 11 Dec 2023 15:45:20 +0000 Subject: [PATCH] Ensure that ASGI 'raw_path' does not include query component of URL. (#2999) --- CHANGELOG.md | 1 + httpx/_transports/asgi.py | 2 +- tests/test_asgi.py | 13 +++++++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cf47d0edf1..e682c63c74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ### Fixed * Allow URLs where username or password contains unescaped '@'. (#2986) +* Ensure ASGI `raw_path` does not include URL query component. (#2999) ## 0.25.2 (24th November, 2023) diff --git a/httpx/_transports/asgi.py b/httpx/_transports/asgi.py index f67f0fbd5b..08cd392f75 100644 --- a/httpx/_transports/asgi.py +++ b/httpx/_transports/asgi.py @@ -103,7 +103,7 @@ async def handle_async_request( "headers": [(k.lower(), v) for (k, v) in request.headers.raw], "scheme": request.url.scheme, "path": request.url.path, - "raw_path": request.url.raw_path, + "raw_path": request.url.raw_path.split(b"?")[0], "query_string": request.url.query, "server": (request.url.host, request.url.port), "client": self.client, diff --git a/tests/test_asgi.py b/tests/test_asgi.py index 14d6df6ded..8bb6dcb7bc 100644 --- a/tests/test_asgi.py +++ b/tests/test_asgi.py @@ -120,6 +120,19 @@ async def test_asgi_raw_path(): assert response.json() == {"raw_path": "/user@example.org"} +@pytest.mark.anyio +async def test_asgi_raw_path_should_not_include_querystring_portion(): + """ + See https://github.com/encode/httpx/issues/2810 + """ + async with httpx.AsyncClient(app=echo_raw_path) as client: + url = httpx.URL("http://www.example.org/path?query") + response = await client.get(url) + + assert response.status_code == 200 + assert response.json() == {"raw_path": "/path"} + + @pytest.mark.anyio async def test_asgi_upload(): async with httpx.AsyncClient(app=echo_body) as client: