Special characters in request parameters not fully encoded when generating links from controller methods
See original GitHub issueHello,
when generating Links with WebMvcLinkBuilder containing OffsetDateTime the date does not get transformed correctly resulting in a malfunctioning link.
Example:
Passing an OffsetDateTime like 2020-01-01T14:00:00.000+01:00 results in:
https://myurl.com/service?date=2020-01-01T14:00:00.000+01:00
where the “+” before the offset gets interpreted by the browser as a space " " instead of:
https://myurl.com/service?date=2020-01-01T14:00:00.000%2b01:00.
Setup:
Links are generated with spring-boot-starter-hateoas in version 2.4.3 without custom config. Example:
public void addLinks(MyModel model, OffsetDateTime date) {
model.add(
linkTo(
methodOn(Controller.class)
.getFunction(date))
.withRel("myLink"));
}
Is this expected behavior or in fact a bug?
Thank you.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:2
- Comments:7 (6 by maintainers)
Top Results From Across the Web
RequestParam with special character '+' - java - Stack Overflow
Ok I solved it. I encoded it in my fronted. There were no other options. params.set('phoneNumber', encodeURIComponent(searchParams.
Read more >Using URL encoding to handle special characters in a ...
The <space> character needs to be encoded because it is not a valid URL character. Also, some characters, such as "~" might not...
Read more >Guide to Java URL Encoding/Decoding - Baeldung
Simply put, URL encoding translates special characters from the URL to a representation that adheres to the spec and can be correctly ...
Read more >encodeURI() - JavaScript - MDN Web Docs
The encodeURI() function encodes a URI by replacing each instance of certain characters by one, two, three, or four escape sequences representing the...
Read more >Web on Servlet Stack - Spring
DispatcherServlet. WebFlux. Spring MVC, as many other web frameworks, is designed around the front controller pattern where a central Servlet ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
This should be fixed in the latest 1.4 snapshots. Note that we now fully encode the request parameters according to URI template RFC rules, which means that not only the plus gets encoded but also the colon.
This seems to be slightly more tricky than anticipated. We’re using Spring Framework’s
UriUtils.encodeQueryParam(…)method to encode all query parameters. That (of course) only encodes characters deemed invalud for the URI component and a+is indeed an allowed character for query parameters (see the BNF section here and the definition ofpchar) and thus, doesn’t process it. I.e. this problem doesn’t seem to be Spring HATEOAS specific: neither explicitly setting….encode()on theUriComponentsBuilderchanges the output, nor does URI creation via Spring Framework’s ownMvcUriComponentsBuildercreate a different result. Interestingly,UriComponentsBuilder.fromUriString(…)also properly extracts the original String value (i.e. does not try to unencode the plus sign). I guess I’ll have to take this to the team for further discussion.