From f244de0d3c9a2b7c0a536f3d48da2e6c2a3b80f5 Mon Sep 17 00:00:00 2001 From: Thomas Darimont Date: Fri, 7 Jun 2024 16:20:50 +0200 Subject: [PATCH] Fix encoding of '?' in query parameter values by Encode.encodeQueryParam(..) Previously `?` in query parameter values where encoded as is which caused invalid URL values. We now replace `?` characters in query parameter values with `%3F`. Fixes #41060 Signed-off-by: Thomas Darimont --- .../org/jboss/resteasy/reactive/common/util/Encode.java | 2 ++ .../jboss/resteasy/reactive/common/util/EncodeTest.java | 7 +++++++ 2 files changed, 9 insertions(+) diff --git a/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/util/Encode.java b/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/util/Encode.java index 2d3c74996355d..7536e366e5b9b 100644 --- a/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/util/Encode.java +++ b/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/util/Encode.java @@ -95,7 +95,9 @@ public class Encode { case '.': case '_': case '~': + continue; case '?': + queryNameValueEncoding[i] = "%3F"; continue; case ' ': queryNameValueEncoding[i] = "+"; diff --git a/independent-projects/resteasy-reactive/common/runtime/src/test/java/org/jboss/resteasy/reactive/common/util/EncodeTest.java b/independent-projects/resteasy-reactive/common/runtime/src/test/java/org/jboss/resteasy/reactive/common/util/EncodeTest.java index 9e057ce31126f..c53115d687635 100644 --- a/independent-projects/resteasy-reactive/common/runtime/src/test/java/org/jboss/resteasy/reactive/common/util/EncodeTest.java +++ b/independent-projects/resteasy-reactive/common/runtime/src/test/java/org/jboss/resteasy/reactive/common/util/EncodeTest.java @@ -15,4 +15,11 @@ void encodeEmoji() { assertEquals(encodedEmoji, Encode.encodePath(emoji)); assertEquals(encodedEmoji, Encode.encodeQueryParam(emoji)); } + + @Test + void encodeQuestionMarkQueryParameterValue() { + String uriQueryValue = "bar?a=b"; + String encoded = URLEncoder.encode(uriQueryValue, StandardCharsets.UTF_8); + assertEquals(encoded, Encode.encodeQueryParam(uriQueryValue)); + } }