From 63e0d5c7c280d60483a2fd2fbff71b84ac8056af Mon Sep 17 00:00:00 2001 From: Veloman Yunkan Date: Wed, 25 Jan 2023 16:52:36 +0400 Subject: [PATCH] RequestContext::get_query() is fully URI-encoded --- src/opds_dumper.cpp | 2 +- src/server/request_context.cpp | 4 ++-- test/library_server.cpp | 22 +++++++++++----------- test/server.cpp | 4 ++-- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/src/opds_dumper.cpp b/src/opds_dumper.cpp index 072c3ce79..d4719b4a8 100644 --- a/src/opds_dumper.cpp +++ b/src/opds_dumper.cpp @@ -216,7 +216,7 @@ string OPDSDumper::dumpOPDSFeedV2(const std::vector& bookIds, const {"endpoint_root", endpointRoot}, {"feed_id", gen_uuid(libraryId + endpoint + "?" + query)}, {"filter", onlyAsNonEmptyMustacheValue(query)}, - {"query", query.empty() ? "" : "?" + urlEncode(query)}, + {"query", query.empty() ? "" : "?" + query}, {"totalResults", to_string(m_totalResults)}, {"startIndex", to_string(m_startIndex)}, {"itemsPerPage", to_string(m_count)}, diff --git a/src/server/request_context.cpp b/src/server/request_context.cpp index 272c7f737..f5a48c77c 100644 --- a/src/server/request_context.cpp +++ b/src/server/request_context.cpp @@ -116,10 +116,10 @@ MHD_Result RequestContext::fill_argument(void *__this, enum MHD_ValueKind kind, if ( ! _this->queryString.empty() ) { _this->queryString += "&"; } - _this->queryString += key; + _this->queryString += urlEncode(key, true); if ( value ) { _this->queryString += "="; - _this->queryString += value; + _this->queryString += urlEncode(value, true); } return MHD_YES; } diff --git a/test/library_server.cpp b/test/library_server.cpp index f61d94281..a8f349ef0 100644 --- a/test/library_server.cpp +++ b/test/library_server.cpp @@ -193,7 +193,7 @@ TEST_F(LibraryServerTest, catalog_search_by_phrase) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (q="ray charles")\n" + " Filtered zims (q=%22ray%20charles%22)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 2\n" " 0\n" @@ -212,7 +212,7 @@ TEST_F(LibraryServerTest, catalog_search_by_words) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (q=ray charles)\n" + " Filtered zims (q=ray%20charles)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 3\n" " 0\n" @@ -233,7 +233,7 @@ TEST_F(LibraryServerTest, catalog_prefix_search) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (q=description:ray description:charles)\n" + " Filtered zims (q=description%3Aray%20description%3Acharles)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 2\n" " 0\n" @@ -250,7 +250,7 @@ TEST_F(LibraryServerTest, catalog_prefix_search) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (q=title:"ray charles")\n" + " Filtered zims (q=title%3A%22ray%20charles%22)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 1\n" " 0\n" @@ -269,7 +269,7 @@ TEST_F(LibraryServerTest, catalog_search_with_word_exclusion) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (q=ray -uncategorized)\n" + " Filtered zims (q=ray%20-uncategorized)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 2\n" " 0\n" @@ -288,7 +288,7 @@ TEST_F(LibraryServerTest, catalog_search_by_tag) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (tag=_category:jazz)\n" + " Filtered zims (tag=_category%3Ajazz)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 1\n" " 0\n" @@ -342,7 +342,7 @@ TEST_F(LibraryServerTest, catalog_search_by_language) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (lang=eng,fra)\n" + " Filtered zims (lang=eng%2Cfra)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 2\n" " 0\n" @@ -694,7 +694,7 @@ TEST_F(LibraryServerTest, catalog_v2_entries_filtered_by_search_terms) EXPECT_EQ(r->status, 200); EXPECT_EQ(maskVariableOPDSFeedData(r->body), CATALOG_V2_ENTRIES_PREAMBLE("?q=%22ray%20charles%22") - " Filtered Entries (q="ray charles")\n" + " Filtered Entries (q=%22ray%20charles%22)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 2\n" " 0\n" @@ -726,8 +726,8 @@ TEST_F(LibraryServerTest, catalog_v2_entries_filtered_by_language) const auto r = zfs1_->GET("/ROOT/catalog/v2/entries?lang=eng,fra"); EXPECT_EQ(r->status, 200); EXPECT_EQ(maskVariableOPDSFeedData(r->body), - CATALOG_V2_ENTRIES_PREAMBLE("?lang=eng,fra") - " Filtered Entries (lang=eng,fra)\n" + CATALOG_V2_ENTRIES_PREAMBLE("?lang=eng%2Cfra") + " Filtered Entries (lang=eng%2Cfra)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 2\n" " 0\n" @@ -865,7 +865,7 @@ TEST_F(LibraryServerTest, no_name_mapper_returned_catalog_use_uuid_in_link) EXPECT_EQ(maskVariableOPDSFeedData(r->body), OPDS_FEED_TAG " 12345678-90ab-cdef-1234-567890abcdef\n" - " Filtered zims (tag=_category:jazz)\n" + " Filtered zims (tag=_category%3Ajazz)\n" " YYYY-MM-DDThh:mm:ssZ\n" " 1\n" " 0\n" diff --git a/test/server.cpp b/test/server.cpp index 29f1885b1..1086dfe5b 100644 --- a/test/server.cpp +++ b/test/server.cpp @@ -827,7 +827,7 @@ TEST_F(ServerTest, Http400HtmlError) expected_body==R"(

Invalid request

- The requested URL "/ROOT/search?content=non-existing-book&pattern=a"<script foo>" is not a valid request. + The requested URL "/ROOT/search?content=non-existing-book&pattern=a%22%3Cscript%20foo%3E" is not a valid request.

No such book: non-existing-book @@ -910,7 +910,7 @@ TEST_F(ServerTest, HttpXmlError) /* HTTP status code */ 400, /* expected response XML */ R"( Invalid request -The requested URL "/ROOT/search?format=xml&content=non-existing-book&pattern=a"<script foo>" is not a valid request. +The requested URL "/ROOT/search?format=xml&content=non-existing-book&pattern=a%22%3Cscript%20foo%3E" is not a valid request. No such book: non-existing-book )" }, // There is a flaw in our way to handle query string, we cannot differenciate