[
https://issues.apache.org/jira/browse/WW-5310?focusedWorklogId=863301&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-863301
]
ASF GitHub Bot logged work on WW-5310:
--------------------------------------
Author: ASF GitHub Bot
Created on: 01/Jun/23 17:40
Start Date: 01/Jun/23 17:40
Worklog Time Spent: 10m
Work Description: nikosdimitrakas commented on PR #692:
URL: https://github.com/apache/struts/pull/692#issuecomment-1572515644
You could fix this without changing the signature of the method by defining
that the incoming string must be the query string and nothing more. The fact
that the few callers of the parse method provide everything after the ? in the
url is the problem in my opinion. The class QueryStringParser should only be
working with the query string. This way you can maintain backwards
compatibility and make sure that the query string is handled correctly in the
QuerystringParser and that the fragment identifier is handled correctly in the
other classes (ServletUrlRenderer, ServlerDispatcherResult and
DefaultUrlHelper).
Issue Time Tracking
-------------------
Worklog Id: (was: 863301)
Time Spent: 1h 20m (was: 1h 10m)
> s:url does not handle equal sign correctly
> ------------------------------------------
>
> Key: WW-5310
> URL: https://issues.apache.org/jira/browse/WW-5310
> Project: Struts 2
> Issue Type: Bug
> Components: Core Tags
> Affects Versions: 2.5.30, 6.1.2
> Reporter: nikos dimitrakas
> Priority: Major
> Fix For: 6.2.0
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> We discovered a strange case when a URL is passed to s:url. The URL contains
> an equal sign as part of a parameter value. Example:
> [https://www.scitepress.org/PublicationsDetail.aspx?ID=GjTu91suYQI=&t=1]
> This URL works in the browser even though the equal sign that is part of the
> value of the parameter ID has not been replaced with %3D.
> When this URL is passed to an s:url as value then the equal sign disappears.
> When I put a break point in ComponentTagSupport.doStartTag() I can see that
> the query string has been split and the component.parameters contains the two
> parameters (ID and t), but the equal sign is missing.
> The problem seems to be in ServletUrlRenderer.mergeRequestParameters called
> from beforeRenderUrl. The way the StrutsQueryStringParser.parse splits each
> param of the queryString on equal sign causes all the equal signs to be used,
> not just the first. Shouldn't that split be only on the first equal sign so
> that any remaining equal signs can be considered as part of the value? Just
> by adding a limit of one to the split should fix this.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
