Opened 8 years ago

Closed 7 years ago

Last modified 7 years ago

#12932 closed defect (fixed)

[patch][trivial]dojox.dtl.filter.string._urlquote incorrectly encodes chars < 16

Reported by: thobbs Owned by: ben hockey
Priority: low Milestone: 1.8
Component: DojoX DTL Version: 1.6.1
Keywords: Cc: cjolif, chrism1
Blocked By: Blocking:

Description

In dojox/dtl/filter/string.js, the _urlquote function improperly encodes characters whose ordinal value is less than 16. As specified in RFC 1738, a two digit hexadecimal number should follow the '%'. However, characters below 16 are encoded to only use one digit. For example, ASCII character 1 becomes "%1" instead of "%01".

Attachments (1)

12932.patch (638 bytes) - added by thobbs 8 years ago.
Patch to encode all characters with two hex digits

Download all attachments as: .zip

Change History (12)

Changed 8 years ago by thobbs

Attachment: 12932.patch added

Patch to encode all characters with two hex digits

comment:1 Changed 8 years ago by Adam Peller

Summary: dojox.dtl.filter.string._urlquote incorrectly encodes chars < 16[patch][trivial]dojox.dtl.filter.string._urlquote incorrectly encodes chars < 16

comment:2 Changed 8 years ago by mbulman

This is marked as 1.6.1, but doesn't seem to be there.. what's the word?

comment:3 Changed 8 years ago by Adam Peller

Cc: cjolif chrism1 added

Sorry, it appears no one has taken up this patch. "Version" is the version where the problem was reported. Milestone is the target.

comment:4 Changed 8 years ago by ben hockey

Owner: changed from Neil Roberts to thobbs
Status: newpending

thobbs, could you attach a test page that demonstrates the problem that will be fixed by this patch? also, do you have a CLA on file with us?

comment:5 Changed 7 years ago by trac-o-bot

Resolution: invalid
Status: pendingclosed

Because we get so many tickets, we often need to return them to the initial reporter for more information. If that person does not reply within 14 days, the ticket will automatically be closed, and that has happened in this case. If you still are interested in pursuing this issue, feel free to add a comment with the requested information and we will be happy to reopen the ticket if it is still valid. Thanks!

comment:6 Changed 7 years ago by ben hockey

Resolution: invalid
Status: closedreopened

comment:7 Changed 7 years ago by ben hockey

#13669 is a duplicate of this ticket.

comment:8 Changed 7 years ago by Jonathan

Problem also reported in #13669 and other code solution provided.

I can't get JsFiddle? to work, so here's the test case. Run this in your console. Both patches will fix this.

// I've used a tab character ("\t") but anything with a hex value
// between 0 and 9 would demonstrate the problem.
var encodedString = dojox.dtl.filter.strings.urlencode("\t");

console.log('Dojo encodes \t as %9 instead of %09');
console.log(encodedString);

// This should output "\t" or whatever was passed to urlencode() 
// but will fail with current implementation
decodeURIComponent(encodedString);

comment:9 Changed 7 years ago by bill

Owner: changed from thobbs to ben hockey
Status: reopenedassigned

neonstalwart, you reopened, were you going to check this in?

comment:10 Changed 7 years ago by ben hockey

Resolution: fixed
Status: assignedclosed

In [28580]:

pad single digit hex chars with leading 0. fixes #12932 !strict

comment:11 Changed 7 years ago by ben hockey

Milestone: tbd1.8

i could never figure out the CLA status of this patch. it probably isn't a big deal but i used some code i came up with myself. apart from that, the patch was fine.

Note: See TracTickets for help on using tickets.