[cgiapp] CAP Dispatch and encoded backslashes

Ron Savage ron at savage.net.au
Thu Jun 7 19:18:51 EDT 2012 

On 08/06/12 00:41, B. Estrade wrote:
> On Thu, Jun 07, 2012 at 03:45:15PM +1000, Ron Savage wrote:
>> Hi Brett
>>
>> On 07/06/12 13:42, B. Estrade wrote:
>>> On Thu, Jun 07, 2012 at 01:17:12PM +1000, Ron Savage wrote:
>>>> Hi Brett
>>>>
>>>> On 07/06/12 05:37, B. Estrade wrote:
>>>>> I am having an issue with CAP Dispatch that seems to be rearing its
>>>>> ugly head when I send, as part of the route, serialized JSON data.
>>>>> The issue is that I have a value with a backslash in it.
>>>>>
>>>>> I am pretty sure the URL parsing done by Dispatch is splitting on this
>>>>> backslash, but I though that it wouldn't be a problem since it's being
>>>>> sent as an encoded string.
>>>>>
>>>>> When I don't include this one field, it works; when I do, I get a 404
>>>>> thrown by Dispatch.
>>>>
>>>> The documentation says:
>>>> To get the name of the application module the path is split on
>>>> backslahes (C</>).
>>>>
>>>> Clearly (?) it means slash (/), not backslash (\).
>>>
>>> You are right, it's not the backslash, it's the forward slash. I saw
>>> that part in the docs, but I was not sure how to include that in the
>>> serialized string; I assumed if it was uri encoded it'd be fine.
>>
>> So the next question is: Does the problematic / get converted to %2f? If
>> so, I'd expect CAD to ignore it. If not, why not?
>>
>> I'm thinking that if not, you'll have to use JS attached to the submit
>> button to capture the value and encode it yourself.
>
> It is encoded, and I am using YUI 3's Y.IO to submit a POST request.
>
> The whole, serialized JSON encoded is:
>
> %7B%22id%22%3A%228734%22%2C%22name%22%3A%22heello%20the%20dog%22%2C%22email%22%3A%22estrabd%40gmail.com%22%2C%22phone%22%3A%22123456%20%22%2C%22phoneext%22%3A%2278%22%2C%22status%22%3A%22inactive%22%2C%22locale%22%3A%22local%22%2C%22isexempt%22%3Anull%2C%22timezone%22%3A%22American%2FChicago%22%2C%22isdevadmin%22%3Anull%2C%22last_modified%22%3A%222012-06-07%2009%3A36%3A05%22%2C%22adminlvl%22%3A%22-1%22%2C%22vendcode%22%3Anull%2C%22username%22%3A%22iamthefrog%40gmail.com%22%2C%22endday%22%3Anull%2C%22administaffid%22%3A%22-1%22%2C%22startday%22%3Anull%7D
>
> You'll note the offending character at "American%2FChicago".

OK.

Are you using CGI::Application::Dispatch V 3.07?

If so, I'd patch line 8

our $DEBUG   = 0;

to

our $DEBUG   = 1;

and check the log.

What you're looking for is the output of line 660: warn ...

I think you'll find the %2F has been de-coded as per the CGI protocol so 
the code sees a real, live '/'.

-- 
Ron Savage
http://savage.net.au/
Ph: 0421 920 622

More information about the cgiapp mailing list