Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net/http/request: should not unescape url when calling NewRequest #7356

Closed
gopherbot opened this issue Feb 19, 2014 · 2 comments
Closed

net/http/request: should not unescape url when calling NewRequest #7356

gopherbot opened this issue Feb 19, 2014 · 2 comments
Labels
FrozenDueToAge

Comments

@gopherbot
Copy link
Contributor

by liyinkan:

version of Go: 1.2
os: mac os x

we request server via http.Get and escape the query "t/t"

u := "http://localhost:8888/test/id="; + url.QueryEscape("t/t")
resp, err := http.Get(u)
...

the input url should be http://localhost:8888/test/id=t%2Ft
but actual request is http://localhost:8888/test/id=t/t and server receives that, too.

found NewRequest called url.Parse(urlStr) first and url.Parse will unescape the %2F
@minux
Copy link
Member

minux commented Feb 23, 2014

Comment 1:

in this special case, you will need to construct the net.URL yourself, so
you can't use the convenient function Get, and need to use Do.

Status changed to WorkingAsIntended.

@gopherbot
Copy link
Contributor Author

Comment 2 by liyinkan:

hm.... tried using client.Do but still the SAME problem
u:="http://192.168.1.2:8080/file/%2Ftemp%2Ftest.jpeg"
client := http.Client{
    Transport: &transport,
}
req, _ := http.NewRequest("GET", u, nil)
resp, _ = client.Do(req)
but my server receives
fmt.Println(r.RequestURI)  //    /file//temp/test.jpeg
I think the correct value for requestURI should be "/file/%2Ftemp%2Ftest.jpeg"

@echlebek echlebek mentioned this issue May 13, 2015
Closed
rsc added a commit that referenced this issue Jun 22, 2015
@rsc
net/url: add RawPath field, a hint at the desired encoding of Path
874a605 
Historically we have declined to try to provide real support for URLs
that contain %2F in the path, but they seem to be popping up more
often, especially in (arguably ill-considered) REST APIs that shoehorn
entire paths into individual path elements.

The obvious thing to do is to introduce a URL.RawPath field that
records the original encoding of Path and then consult it during
URL.String and URL.RequestURI. The problem with the obvious thing
is that it breaks backward compatibility: if someone parses a URL
into u, modifies u.Path, and calls u.String, they expect the result
to use the modified u.Path and not the original raw encoding.

Split the difference by treating u.RawPath as a hint: the observation
is that there are many valid encodings of u.Path. If u.RawPath is one
of them, use it. Otherwise compute the encoding of u.Path as before.

If a client does not use RawPath, the only change will be that String
selects a different valid encoding sometimes (the original passed
to Parse).

This ensures that, for example, HTTP requests use the exact
encoding passed to http.Get (or http.NewRequest, etc).

Also add new URL.EscapedPath method for access to the actual
escaped path. Clients should use EscapedPath instead of
reading RawPath directly.

All the old workarounds remain valid.

Fixes #5777.
Might help #9859.
Fixes #7356.
Fixes #8767.
Fixes #8292.
Fixes #8450.
Fixes #4860.
Fixes #10887.
Fixes #3659.
Fixes #8248.
Fixes #6658.
Reduces need for #2782.

Change-Id: I77b88f14631883a7d74b72d1cf19b0073d4f5473
Reviewed-on: https://go-review.googlesource.com/11302
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
@golang golang locked and limited conversation to collaborators Jun 25, 2016
This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@minux @gopherbot