Url encoding for get parameters

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Url encoding for get parameters

Patrick Antivackis
Hello,
Before filling a bug i would like to confirm it with you and validating the
way to correct it.

Let's say I want to create a new category which ID is  DVD+R
Creation is ok through the admin interface, but whenever i want to access
this category, the get parameter categoryId=.... of the url is wrong as it's
not encoded, so we have :
https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD+Rinstead
of
https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD%2BR
I take a category example, but it can apply to product, party, .... well all
entities.
In the freemarker templates, the urls usually look like this :
<a
href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId}</@ofbizUrl>">
so is it the ofbizUrl that is not doing it's job, or should the url be :
<a
href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId?url}</@ofbizUrl>">

Thank you in advance for your answer
Reply | Threaded
Open this post in threaded view
|

Re: Url encoding for get parameters

Patrick Antivackis
in fact in the source there is

<a href="https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD&#43;r">
which is really stupid !! as it means 2 parameters.
So the ofbizUrl tag is encoding, but i don't understand why it's
encoding like this.



2009/6/17 Patrick Antivackis <[hidden email]>

> Hello,
> Before filling a bug i would like to confirm it with you and validating the
> way to correct it.
>
> Let's say I want to create a new category which ID is  DVD+R
> Creation is ok through the admin interface, but whenever i want to access
> this category, the get parameter categoryId=.... of the url is wrong as it's
> not encoded, so we have :
> https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD+Rinstead of
>
> https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD%2BR
> I take a category example, but it can apply to product, party, .... well
> all entities.
> In the freemarker templates, the urls usually look like this :
> <a
> href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId}</@ofbizUrl>">
> so is it the ofbizUrl that is not doing it's job, or should the url be :
> <a
> href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId?url}</@ofbizUrl>">
>
> Thank you in advance for your answer
>
>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Url encoding for get parameters

Patrick Antivackis
So after looking into :
framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java
and
framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
the ofbizUrl tag is calling the RequestHandler.makeLink which is using
httpServletResponse.encodeUrl.
So parameters are not url encoded, as contrary to the name
httpServletResponse.encodeUrl is not doing an encoding job of the
parameters.

So back to my initial question, should the ofbizUrl do this url enconding of
the params or should we use the freemarker ?url string function ?


2009/6/17 Patrick Antivackis <[hidden email]>

> in fact in the source there is
>
> <a href="https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD&#43;r <https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD+r>">
>
> which is really stupid !! as it means 2 parameters.
> So the ofbizUrl tag is encoding, but i don't understand why it's encoding like this.
>
>
>
> 2009/6/17 Patrick Antivackis <[hidden email]>
>
> Hello,
>> Before filling a bug i would like to confirm it with you and validating
>> the way to correct it.
>>
>> Let's say I want to create a new category which ID is  DVD+R
>> Creation is ok through the admin interface, but whenever i want to access
>> this category, the get parameter categoryId=.... of the url is wrong as it's
>> not encoded, so we have :
>>
>> https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD+Rinstead of
>>
>> https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD%2BR
>> I take a category example, but it can apply to product, party, .... well
>> all entities.
>> In the freemarker templates, the urls usually look like this :
>> <a
>> href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId}</@ofbizUrl>">
>> so is it the ofbizUrl that is not doing it's job, or should the url be :
>> <a
>> href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId?url}</@ofbizUrl>">
>>
>> Thank you in advance for your answer
>>
>>
>>
>>
>
Reply | Threaded
Open this post in threaded view
|

Re: Url encoding for get parameters

Patrick Antivackis
After digging deeper, the widget are also buggy.as the function
buildhyperlinkUrl in
framework/widget/src/org/ofbiz/widget/WidgetWorker.java
is not using url encoding either.

I found that the StringUtil.defaultWebEncoder.encodeForURL shoudl do the
job, but i would like a core developper to have a look to it as the bug is
really central so i would prefer not to create side effects.


2009/6/17 Patrick Antivackis <[hidden email]>

> So after looking into :
> framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java
> and
> framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
> the ofbizUrl tag is calling the RequestHandler.makeLink which is using
> httpServletResponse.encodeUrl.
> So parameters are not url encoded, as contrary to the name
> httpServletResponse.encodeUrl is not doing an encoding job of the
> parameters.
>
> So back to my initial question, should the ofbizUrl do this url enconding
> of the params or should we use the freemarker ?url string function ?
>
>
>
> 2009/6/17 Patrick Antivackis <[hidden email]>
>
>> in fact in the source there is
>>
>> <a href="https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD&#43;r <https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD+r>">
>>
>>
>> which is really stupid !! as it means 2 parameters.
>> So the ofbizUrl tag is encoding, but i don't understand why it's encoding like this.
>>
>>
>>
>> 2009/6/17 Patrick Antivackis <[hidden email]>
>>
>> Hello,
>>> Before filling a bug i would like to confirm it with you and validating
>>> the way to correct it.
>>>
>>> Let's say I want to create a new category which ID is  DVD+R
>>> Creation is ok through the admin interface, but whenever i want to access
>>> this category, the get parameter categoryId=.... of the url is wrong as it's
>>> not encoded, so we have :
>>>
>>> https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD+Rinstead of
>>>
>>> https://localhost:8443/catalog/control/EditCategory?productCategoryId=DVD%2BR
>>> I take a category example, but it can apply to product, party, .... well
>>> all entities.
>>> In the freemarker templates, the urls usually look like this :
>>> <a
>>> href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId}</@ofbizUrl>">
>>> so is it the ofbizUrl that is not doing it's job, or should the url be :
>>> <a
>>> href="<@ofbizUrl>EditCategory?productCategoryId=${productCategoryId?url}</@ofbizUrl>">
>>>
>>> Thank you in advance for your answer
>>>
>>>
>>>
>>>
>>
>