fix(request-validation): should not limit the urlencoded post args nu…

…mber (#6396)
apache · Feb 21, 2022 · 9bdee14 · 9bdee14
1 parent 21aa21b
commit 9bdee14
Show file tree

Hide file tree

Showing 2 changed files with 59 additions and 1 deletion.
diff --git a/apisix/plugins/request-validation.lua b/apisix/plugins/request-validation.lua
@@ -88,7 +88,9 @@ function _M.rewrite(conf, ctx)
         end
 
         if headers["content-type"] == "application/x-www-form-urlencoded" then
-            req_body, err = ngx.decode_args(body)
+            -- use 0 to avoid truncated result and keep the behavior as the
+            -- same as other platforms
+            req_body, err = ngx.decode_args(body, 0)
         else -- JSON as default
             req_body, err = core.json.decode(body)
         end

diff --git a/t/plugin/request-validation.t b/t/plugin/request-validation.t
@@ -1817,3 +1817,59 @@ qr/object matches none of the required/
 --- error_code: 400
 --- no_error_log
 [error]
+
+
+
+=== TEST 51: add route for urlencoded post data validation
+--- config
+    location /t {
+        content_by_lua_block {
+            local t = require("lib.test_admin").test
+            local code, body = t('/apisix/admin/routes/1',
+                 ngx.HTTP_PUT,
+                 [[{
+                    "plugins": {
+                        "request-validation": {
+                            "body_schema": {
+                                "type": "object",
+                                "required": ["required_payload"],
+                                "properties": {
+                                    "required_payload": {"type": "string"}
+                                },
+                                "rejected_msg": "customize reject message"
+                            }
+                        }
+                    },
+                    "upstream": {
+                        "nodes": {
+                            "127.0.0.1:1980": 1
+                        },
+                        "type": "roundrobin"
+                    },
+                    "uri": "/echo"
+                }]])
+            if code >= 300 then
+                ngx.status = code
+            end
+            ngx.say(body)
+        }
+    }
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 52: test urlencoded post data
+--- more_headers
+Content-Type: application/x-www-form-urlencoded
+--- request eval
+"POST /echo
+" . "a=b&" x 101 . "required_payload=101-hello"
+--- response_body eval
+qr/101-hello/
+--- no_error_log
+[error]