ESP8266WebServer does not handle special characters in JSON body

[liquidfalcon]

Regardless of whether the body is set as plain or application/json, _parseArguments will always perform URL decoding on it, leading to unexpected results.

Example JSON sent:

{ 
  "ssid" : "My+Network",
  "psk" :"special+Password!"
}

After receiving it through ESP8266WebServer

{ 
  "ssid" : "My Network",
  "psk" :"special Password!"
}

Currently it makes it so no JSON can include a plus sign, or any other symbol the URL decoder will pick up.

EDIT: Incidentally, including something like this completely breaks input:

{ "ssid":"SSID+&(!@","psk":"@#$%^&+" }

Double EDIT:

A super simple if else block like this works around it for now:

   if (data.indexOf(F("plain=")) != -1) {
           _currentArgs = new RequestArgument[1];
           RequestArgument& arg = _currentArgs[0];
           arg.key = data.substring(data.indexOf(F("plain=")), data.indexOf(F("=")));
           arg.value = data.substring(data.indexOf(F("=")) + 1);
   } else {

I plan to modify it to include the option to retrieve the raw body payload if the content-type is equal to application/json, and not call _parseArguments. Would you be interested in this as a pull request once this is complete? I think this is the most sensible way to handle JSON data, otherwise it seems to be a bit of a hack to run it past something expecting url/form encoded data.

[igrr]

Need to check this together with #1989.

[me-no-dev]

@liquidfalcon issue should be fixed now. Can you please confirm?

[liquidfalcon]

So, the commits fix the first issue, which was with the plus symbol, but, it still picks up on others, such as the Ampersand, and cuts the payload after that.

For example, here is what I send:
{ "ssid":"SSID+&(!@","psk":"@#$%^&+" }

And this is what I receive for plain
{ "ssid":"SSID+

[me-no-dev]

can you please paste the full request that you are sending so I can test it here?

[liquidfalcon]

Of course - Here's the raw request I tested with using cURL:

POST /config HTTP/1.1
Host: linez-43.local
User-Agent: curl/7.47.1
Accept: */*
Content-Type: application/json
Content-Length: 38

{ "ssid":"SSID+&(!@","psk":"@#$%^&+" }

Command: curl -X POST -d '{ "ssid":"SSID+&(!@","psk":"@#$%^&+" }' -H "Content-Type: application/json" linez-43.local/config -v

[me-no-dev]

great! will do

[me-no-dev]

btw totally different issues :) first was urldecode and here it's trying to parse parameters, which it should not

[me-no-dev]

Fixed! The whole text is copied on it's own without ever being parsed, decoded or anything else.

curl -X POST -d '{ "ssid":"SSID+&(!@","psk":"@#$%^&+" }' -H "Content-Type: application/json" esp.local/test -v
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 192.168.254.182...
* Connected to esp.local (192.168.254.182) port 80 (#0)
> POST /test HTTP/1.1
> Host: esp.local
> User-Agent: curl/7.47.1
> Accept: */*
> Content-Type: application/json
> Content-Length: 38
> 
* upload completely sent off: 38 out of 38 bytes
< HTTP/1.1 200 OK
< Content-Type: text/plain
< Content-Length: 44
< Connection: close
< 
* Closing connection 0
plain={ "ssid":"SSID+&(!@","psk":"@#$%^&+" }

[liquidfalcon]

You're a legend mate, thank you!