Improve query valid regex
Now a query string cannot look like 'foo=bar=foo' anymore.
This commit is contained in:
parent
0e12faff22
commit
835234a52c
|
@ -18,7 +18,6 @@ module URI
|
|||
return self.decode_www_form_18 query
|
||||
end
|
||||
|
||||
|
||||
# Own implementation of decode_www_form.
|
||||
# Shall behave almost like the original method, but without any encoding
|
||||
# stuff.
|
||||
|
@ -28,7 +27,8 @@ module URI
|
|||
#
|
||||
def self.decode_www_form_18(query)
|
||||
return [] if query.empty?
|
||||
unless query.match '='
|
||||
|
||||
unless query.match /^[^#=;&]*=[^#=;&]*([;&][^#=;&]*=[^#=;&]*)*$/
|
||||
raise ArgumentError,
|
||||
"invalid data of application/x-www-form-urlencoded (#{query})"
|
||||
end
|
||||
|
|
|
@ -114,6 +114,32 @@ describe URI, '#parse_query_string' do
|
|||
result.should eq([])
|
||||
end
|
||||
|
||||
# what happend on more than one = without an & or ; in between?
|
||||
it 'throws an error, if more than one = without an & or ; in between' do
|
||||
expect {
|
||||
result = URI::parse_query_string("foo=bar=foo&bar=foo=bar")
|
||||
}.to raise_error(
|
||||
ArgumentError,
|
||||
"invalid data of application/x-www-form-urlencoded "+
|
||||
"(foo=bar=foo&bar=foo=bar)"
|
||||
)
|
||||
end
|
||||
|
||||
it 'throws an error, if more than one & without an = in between' do
|
||||
expect {
|
||||
result = URI::parse_query_string("foo&bar=foo&bar")
|
||||
}.to raise_error(
|
||||
ArgumentError,
|
||||
"invalid data of application/x-www-form-urlencoded (foo&bar=foo&bar)"
|
||||
)
|
||||
end
|
||||
|
||||
it 'throws an error, if more than one ; without an = in between' do
|
||||
expect {
|
||||
result = URI::parse_query_string("foo;bar=foo;bar")
|
||||
}.to raise_error(
|
||||
ArgumentError,
|
||||
"invalid data of application/x-www-form-urlencoded (foo;bar=foo;bar)"
|
||||
)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue