[jira] [Resolved] (OLINGO-547) Ampersands in query parameter values cause ExpressionParserExceptions

Fri, 06 Feb 2015 06:42:14 -0800 

     [ 
https://issues.apache.org/jira/browse/OLINGO-547?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Christian Amend resolved OLINGO-547.
------------------------------------
       Resolution: Fixed
    Fix Version/s: V2 2.0.3

Hi Wendy,

thank you for your detailed analysis! It made making a fix very easy :)

Fixed with commit: 
https://git-wip-us.apache.org/repos/asf?p=olingo-odata2.git;a=commit;h=1519a52ad523e688f727975268906b1989b54434

> Ampersands in query parameter values cause ExpressionParserExceptions
> ---------------------------------------------------------------------
>
>                 Key: OLINGO-547
>                 URL: https://issues.apache.org/jira/browse/OLINGO-547
>             Project: Olingo
>          Issue Type: Bug
>          Components: odata2-core
>    Affects Versions: V2 2.0.1
>            Reporter: Wendy Tamm
>            Assignee: Christian Amend
>            Priority: Minor
>             Fix For: V2 2.0.3
>
>
> I believe there is a mistake in the handling of encoded ampersands in query 
> parameter values in org.apache.olingo.odata2.core.servlet.RestUtil, both in 
> extractQueryParameters() on line 95, and identically in 
> extractAllQueryParameters() on line 113:
> {code:title=RestUtil.java, lines 95 & 113|borderStyle=solid}
> List<String> queryParameters = 
> Arrays.asList(Decoder.decode(queryString).split("\\&"));
> {code}
> The query string is decoded before it is split, which causes any encoded 
> ampersand in a parameter value to be split incorrectly. Not only does this 
> simply risk losing important information, it also causes some system query 
> options to not parse properly, like $filter.
> For example, the value in the expression "$filter=Name eq 'Tom%26Jerry'" is 
> split into "$filter=Name eq 'Tom" and "Jerry'", which causes the following 
> exception:
> {noformat}
> org.apache.olingo.odata2.api.uri.expression.ExpressionParserException: 
> Unterminated string literal at position 9 in "Name eq 'Tom".
>       at 
> org.apache.olingo.odata2.core.uri.expression.FilterParserExceptionImpl.createTOKEN_UNDETERMINATED_STRING(FilterParserExceptionImpl.java:226)
>       at 
> org.apache.olingo.odata2.core.uri.expression.Tokenizer.readLiteral(Tokenizer.java:317)
>       at 
> org.apache.olingo.odata2.core.uri.expression.Tokenizer.readLiteral(Tokenizer.java:277)
>       at 
> org.apache.olingo.odata2.core.uri.expression.Tokenizer.tokenize(Tokenizer.java:104)
>       at 
> org.apache.olingo.odata2.core.uri.expression.FilterParserImpl.parseFilterString(FilterParserImpl.java:87)
>       at 
> org.apache.olingo.odata2.core.uri.UriParserImpl.handleSystemQueryOptionFilter(UriParserImpl.java:627)
>       ... 31 more
> {noformat}
> I am working around this by implementing my own query parameter extraction 
> method:
> {code:borderStyle=solid}
> public static Map<String, List<String>> extractAllQueryParameters(final 
> String queryString) {
>     Map<String, List<String>> allQueryParameterMap = new HashMap<String, 
> List<String>>();
>     
>     if (queryString != null && !queryString.isEmpty()) {
>       // split the query string on ampersands (before decoding, to avoid 
> problems with ampersands in values)
>       String[] queryParameters = queryString.split("\\u0026");
>       for (String param : queryParameters) {
>         String decodedParam = Decoder.decode(param);
>         ...
>       }
>     }
>     
>     return allQueryParameterMap;
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to