Skip to content

Consider changing URI un-escaping processing #273

New issue
New issue
Open
Open
Consider changing URI un-escaping processing#273
Assignees
cpurdy
@ggleyzer

Description

@ggleyzer
ggleyzer
opened on Jun 30, 2025

While working on the "uploader" WebApp, Michael (@mrcompator) ran into an assertion while "un-escaping" a file name that came from the java-script based client.

The endpoint has a (@QueryParam fileName) argument, which comes in as a URL encoded string. To convert it to a human readable string, Michael used Uri.unescape(filename) call.

The full signature of that API is:

String unescape(
    String                  text,
    function Boolean(Char)? except       = Null,
    Boolean                 plusIsSpace  = False,
    Boolean                 allowUnicode = False)

When a filename that contained a Unicode character came to the server, that call asserted, since the allowUnicode was not specified and therefore defaulted to False

There are two issues to consider:

  1. Should we automatically un-escape the @QueryParam arguments;
  2. Should we change the default value of the allowUnicode parameter to True

During initial discussion @cpurdy wrote:

... sometimes unescaping is the wrong thing, and sometimes you have to do it 1x, and sometimes you have to do it more than 1x. We need to figure out the right answer, but it may not be obvious

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions