Account for the potential of an equals sign in a query string value
Description
If a query string parameter value contains an = sign - we may not parse it correctly. We have not identified any real world case where this is a problem, but it could be a problem in theory.
For example, if there is a trailing = for base64 encoding padding, this won't matter much because it doesn't affect the value itself. But if some other parameter contained an = in a significant position, it could cause a problem depending if we are directly parsing the value.
robotdan
commented
5 months ago
Account for the potential of an equals sign in a query string value
Description
If a query string parameter value contains an
=sign - we may not parse it correctly. We have not identified any real world case where this is a problem, but it could be a problem in theory.For example, if there is a trailing
=for base64 encoding padding, this won't matter much because it doesn't affect the value itself. But if some other parameter contained an=in a significant position, it could cause a problem depending if we are directly parsing the value.Observed versions
N/A
Affects versions
All
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
Additional context
Add any other context about the problem here.