-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle parsing of form attributes with no value #10601
Conversation
MicronautHttpData.AttributeImpl is updated to provide an implementation of the setValue method. This implementation is needed in the corner cases where Netty's HttpPostStandardRequestDecoder successfully parses an attribute with no value such as in the body "a&b=2". Tests are added to more thoroughly test the various forms of x-www-form-urlencoded bodies as specified by https://url.spec.whatwg.org/#application/x-www-form-urlencoded. These tests include scenarios where we know and expect that HttpPostStandardRequestDecoder will currently fail to parse an attribute with a name but no value - namely when that attribute is the last one in a given POST body. If HttpPostStandardRequestDecoder is patched in the future, then these expected parsing failures can be moved into the success scenario instead. This partially resolves #10446.
http-server-netty/src/main/java/io/micronaut/http/server/netty/MicronautHttpData.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are we using a reactive HTTP Client for these tests?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note that I have submitted a PR to Netty to fix the remaining cases that don't parse correctly: netty/netty#13904 |
Quality Gate passedIssues Measures |
MicronautHttpData.AttributeImpl
is updated to provide an implementation of the setValue method. This implementation is needed in the corner cases where Netty'sHttpPostStandardRequestDecoder
successfully parses an attribute with no value such as in the body "a&b=2".Tests are added to more thoroughly test the various forms of x-www-form-urlencoded bodies as specified by https://url.spec.whatwg.org/#application/x-www-form-urlencoded. These tests include scenarios where we know and expect that
HttpPostStandardRequestDecoder
will currently fail to parse an attribute with a name but no value - namely when that attribute is the last one in a given POST body. IfHttpPostStandardRequestDecoder
is patched in the future, then these expected parsing failures can be moved into the success scenario instead.This partially resolves #10446.