diff options
| author | Ao Song <andy@erlang.org> | 2020-08-12 10:56:27 +0200 |
|---|---|---|
| committer | Ao Song <andy@erlang.org> | 2020-08-13 14:16:20 +0200 |
| commit | 5296ae6c4761f26600c05e447cb0bda78a93b602 (patch) | |
| tree | 1e72fb34b307a42f5e61a0d3a13eb5b25e733ac4 | |
| parent | 6d5a5f31c36bbdaad21585d25974177bd1b75e66 (diff) | |
| download | erlang-5296ae6c4761f26600c05e447cb0bda78a93b602.tar.gz | |
inets, fix an error regarding decode of percent encoded URLs.
Change-Id: I46116c477b0e299018217417a2e302ffa492553e
| -rw-r--r-- | lib/inets/src/http_server/httpd_util.erl | 10 | ||||
| -rw-r--r-- | lib/inets/test/httpd_SUITE.erl | 11 |
2 files changed, 17 insertions, 4 deletions
diff --git a/lib/inets/src/http_server/httpd_util.erl b/lib/inets/src/http_server/httpd_util.erl index 05cff30243..ce7f184d09 100644 --- a/lib/inets/src/http_server/httpd_util.erl +++ b/lib/inets/src/http_server/httpd_util.erl @@ -406,10 +406,11 @@ flatlength([_H|T],L) -> flatlength([],L) -> L. -%% split_path +%% split_path, URI has been decoded once when validate +%% and should only be decoded once(RFC3986, 2.4). split_path(URI) -> - case uri_string:normalize(URI, [return_map]) of + case uri_string:parse(URI) of #{fragment := Fragment, path := Path, query := Query} -> @@ -439,11 +440,12 @@ split_path([$/|Rest],SoFar) -> split_path([C|Rest],SoFar) -> split_path(Rest,[C|SoFar]). -%% split_script_path +%% split_script_path, URI has been decoded once when validate +%% and should only be decoded once(RFC3986, 2.4). split_script_path(URI) -> - case uri_string:normalize(URI, [return_map]) of + case uri_string:parse(URI) of #{fragment := _Fragment, path := _Path, query := _Query} -> diff --git a/lib/inets/test/httpd_SUITE.erl b/lib/inets/test/httpd_SUITE.erl index 0634f6b63d..f4925e00b4 100644 --- a/lib/inets/test/httpd_SUITE.erl +++ b/lib/inets/test/httpd_SUITE.erl @@ -484,6 +484,17 @@ get(Config) when is_list(Config) -> {header, "Content-Type", "text/html"}, {header, "Date"}, {header, "Server"}, + {version, Version}]), + + ok = httpd_test_lib:verify_request(proplists:get_value(type, Config), Host, + proplists:get_value(port, Config), + transport_opts(Type, Config), + proplists:get_value(node, Config), + http_request("GET /.%252e/.%252e/.%252e/.%252e/.%252e/home/ ", Version, Host), + [{statuscode, 404}, + {header, "Content-Type", "text/html"}, + {header, "Date"}, + {header, "Server"}, {version, Version}]). basic_auth_1_1(Config) when is_list(Config) -> |