Skip to content

Spring tag library does not encode a URI correctly [SPR-10303] #14937

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
spring-projects-issues opened this issue Feb 15, 2013 · 1 comment
Closed

Spring tag library does not encode a URI correctly [SPR-10303] #14937

spring-projects-issues opened this issue Feb 15, 2013 · 1 comment
Assignees
@rstoyanchev
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: duplicate A duplicate of another issue

Comments

@spring-projects-issues
Copy link
Collaborator

spring-projects-issues commented Feb 15, 2013
edited
Loading

Alexander Hawley opened SPR-10303 and commented

When using the Spring tag lib (http://www.springframework.org/tags), the spring:url tag does not encode a URI correctly. Some reserved characters are not encoded ever, others only sometimes.

For example, the slash character / should be encoded as %2f.

I've tried every permutation I could think of. Templating, not templating, parameters, et al.

Results as follows.

List of strings which contain reserved characters:

List<String> paths = Arrays.asList(
    "foo%boo"
    ,"foo/boo"
    ,"foo?boo"
    ,"foo=boo"
    ,"foo&boo"
    ,"foo#boo"
    ,"foo$boo"
    ,"foo+boo"
    ,"foo,boo"
    ,"foo:boo"
    ,"foo;boo"
    ,"foo@boo"
);

JSP to utilize the Spring tag library:

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"
%><%@ taglib prefix="spring" uri="http://www.springframework.org/tags"
%><!DOCTYPE html>
<html lang="en">
  <head>
    <title></title>
    <meta charset="utf-8"/>
  </head>
  <body>
    <ul>
      <c:forEach items="${paths}" var="path">
        <li>
          <div>path: <code>"<c:out value="${path}"/>"</code></div>
          <div>spring:url, path: <code>"<spring:url value="http://domain.com/${path}" htmlEscape="true"/>"</code></div>
          <div>spring:url, query: <code>"<spring:url value="http://domain.com/?${path}" htmlEscape="true"/>"</code></div>
          <div>spring:url, spring:param: <code>"<spring:url value="" htmlEscape="true"><spring:param name="param" value="${path}"/></spring:url>"</code></div>
          <div>spring:url, spring:param, domain: <code>"<spring:url value="http://domain.com/" htmlEscape="true"><spring:param name="param" value="${path}"/></spring:url>"</code></div>
          <div>spring:url, spring:param, template: <code>"<spring:url value="{param}" htmlEscape="true"><spring:param name="param" value="${path}"/></spring:url>"</code></div>
          <div>spring:url, spring:param, template, path: <code>"<spring:url value="http://domain.com/{param}" htmlEscape="true"><spring:param name="param" value="${path}"/></spring:url>"</code></div>
          <div>spring:url, spring:param, template, query: <code>"<spring:url value="http://domain.com/?{param}" htmlEscape="true"><spring:param name="param" value="${path}"/></spring:url>"</code></div>
        </li>
      </c:forEach>
    </ul>
  </body>
</html>

Result:

path: "foo%boo"
spring:url, path: "http://domain.com/foo%boo"
spring:url, query: "http://domain.com/?foo%boo"
spring:url, spring:param: "?param=foo%25boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo%25boo"
spring:url, spring:param, template: "foo%25boo"
spring:url, spring:param, template, path: "http://domain.com/foo%25boo"
spring:url, spring:param, template, query: "http://domain.com/?foo%25boo"

path: "foo/boo"
spring:url, path: "http://domain.com/foo/boo"
spring:url, query: "http://domain.com/?foo/boo"
spring:url, spring:param: "?param=foo/boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo/boo"
spring:url, spring:param, template: "foo/boo"
spring:url, spring:param, template, path: "http://domain.com/foo/boo"
spring:url, spring:param, template, query: "http://domain.com/?foo/boo"

path: "foo?boo"
spring:url, path: "http://domain.com/foo?boo"
spring:url, query: "http://domain.com/?foo?boo"
spring:url, spring:param: "?param=foo?boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo?boo"
spring:url, spring:param, template: "foo%3Fboo"
spring:url, spring:param, template, path: "http://domain.com/foo%3Fboo"
spring:url, spring:param, template, query: "http://domain.com/?foo%3Fboo"

path: "foo=boo"
spring:url, path: "http://domain.com/foo=boo"
spring:url, query: "http://domain.com/?foo=boo"
spring:url, spring:param: "?param=foo%3Dboo"
spring:url, spring:param, domain: "http://domain.com/?param=foo%3Dboo"
spring:url, spring:param, template: "foo=boo"
spring:url, spring:param, template, path: "http://domain.com/foo=boo"
spring:url, spring:param, template, query: "http://domain.com/?foo=boo"

path: "foo&boo"
spring:url, path: "http://domain.com/foo&boo"
spring:url, query: "http://domain.com/?foo&boo"
spring:url, spring:param: "?param=foo%26boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo%26boo"
spring:url, spring:param, template: "foo&boo"
spring:url, spring:param, template, path: "http://domain.com/foo&boo"
spring:url, spring:param, template, query: "http://domain.com/?foo&boo"

path: "foo#boo"
spring:url, path: "http://domain.com/foo#boo"
spring:url, query: "http://domain.com/?foo#boo"
spring:url, spring:param: "?param=foo%23boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo%23boo"
spring:url, spring:param, template: "foo%23boo"
spring:url, spring:param, template, path: "http://domain.com/foo%23boo"
spring:url, spring:param, template, query: "http://domain.com/?foo%23boo"

path: "foo$boo"
spring:url, path: "http://domain.com/foo$boo"
spring:url, query: "http://domain.com/?foo$boo"
spring:url, spring:param: "?param=foo$boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo$boo"
spring:url, spring:param, template: "foo$boo"
spring:url, spring:param, template, path: "http://domain.com/foo$boo"
spring:url, spring:param, template, query: "http://domain.com/?foo$boo"

path: "foo+boo"
spring:url, path: "http://domain.com/foo+boo"
spring:url, query: "http://domain.com/?foo+boo"
spring:url, spring:param: "?param=foo%2Bboo"
spring:url, spring:param, domain: "http://domain.com/?param=foo%2Bboo"
spring:url, spring:param, template: "foo+boo"
spring:url, spring:param, template, path: "http://domain.com/foo+boo"
spring:url, spring:param, template, query: "http://domain.com/?foo+boo"

path: "foo,boo"
spring:url, path: "http://domain.com/foo,boo"
spring:url, query: "http://domain.com/?foo,boo"
spring:url, spring:param: "?param=foo,boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo,boo"
spring:url, spring:param, template: "foo,boo"
spring:url, spring:param, template, path: "http://domain.com/foo,boo"
spring:url, spring:param, template, query: "http://domain.com/?foo,boo"

path: "foo:boo"
spring:url, path: "http://domain.com/foo:boo"
spring:url, query: "http://domain.com/?foo:boo"
spring:url, spring:param: "?param=foo:boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo:boo"
spring:url, spring:param, template: "foo:boo"
spring:url, spring:param, template, path: "http://domain.com/foo:boo"
spring:url, spring:param, template, query: "http://domain.com/?foo:boo"

path: "foo;boo"
spring:url, path: "http://domain.com/foo;boo"
spring:url, query: "http://domain.com/?foo;boo"
spring:url, spring:param: "?param=foo;boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo;boo"
spring:url, spring:param, template: "foo;boo"
spring:url, spring:param, template, path: "http://domain.com/foo;boo"
spring:url, spring:param, template, query: "http://domain.com/?foo;boo"

path: "foo@boo"
spring:url, path: "http://domain.com/foo@boo"
spring:url, query: "http://domain.com/?foo@boo"
spring:url, spring:param: "?param=foo@boo"
spring:url, spring:param, domain: "http://domain.com/?param=foo@boo"
spring:url, spring:param, template: "foo@boo"
spring:url, spring:param, template, path: "http://domain.com/foo@boo"
spring:url, spring:param, template, query: "http://domain.com/?foo@boo"

Any ideas?

Thanks.

-AH

Affects: 3.1 GA

Issue Links:
@spring-projects-issues
Copy link
Collaborator Author

Alexander Hawley commented

Removed unrelated code.

@spring-projects-issues spring-projects-issues added type: bug A general bug status: duplicate A duplicate of another issue in: web Issues in web modules (web, webmvc, webflux, websocket) labels Jan 11, 2019
This was referenced Jan 11, 2019
Closed
Closed
@spring-projects-issues spring-projects-issues removed the type: bug A general bug label Jan 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rstoyanchev rstoyanchev

Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: duplicate A duplicate of another issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rstoyanchev @spring-projects-issues