Bug #8330

WEBrick::HTTPUtils::parse_query replaces plus (+) with space

Added by Christoph Dwertmann 12 months ago. Updated 12 months ago.

[ruby-core:54601]
Status:Rejected
Priority:Normal
Assignee:Ayumu AIZAWA
Category:lib
Target version:-
ruby -v:ruby 2.0.0p0 (2013-02-24 revision 39474) [x86_64-darwin12.3.0] Backport:1.9.3: UNKNOWN, 2.0.0: UNKNOWN

Description

According to RFC1738, the plus character (+) is a reserved character and may be used unencoded within a URL. Webrick however replaces plus signs with spaces, which violates the spec and causes a loss of information. An encoded plus character (%2B) is correctly decoded by Webrick.

This bug affects Ruby 1.8, 1.9 and 2.0.

$ irb
irb(main):001:0> require "webrick"
=> true
irb(main):002:0> WEBrick::HTTPUtils::parsequery("a+b c")
=> {"a b c"=>""}
irb(main):003:0> WEBrick::HTTPUtils::parse
query("a%2Bb%20c")
=> {"a+b c"=>""}
irb(main):004:0> D

History

#1 Updated by Ayumu AIZAWA 12 months ago

I am not sure about RFC, but attached patch could fix this issue.
I want to get feedback from an expert about this.
https://github.com/ayumin/ruby/commit/179602196f25d1fd7350cfd88a44f0a5c49be3aa

#2 Updated by Ayumu AIZAWA 12 months ago

  • Category set to lib
  • Assignee set to Ayumu AIZAWA

#3 Updated by Yui NARUSE 12 months ago

  • Status changed from Open to Rejected

WEBrick::HTTPUtils::parse_query decodes application/x-www-form-urlencoded; it's encodes " " as "+".
see also http://url.spec.whatwg.org/#application/x-www-form-urlencoded

Also available in: Atom PDF