URI escape default_ and override_ GET params

atheiman commented 8 years ago

Only apply URI.escape to special characters in default_ and override_ GET params.

Only chars I've found that explicitly need URI encoding are curly braces:

?default_username=$option.username works fine
?default_username=${option.username} returns a 400 Bad Request:

bad URI `/chef_environment:ets_alpha_build_65?default_username=${option.username}'.

Note that calling URI.escape multiple times has likely undesired effects because it escapes %:

irb(main):001:0> require 'uri'
=> true
irb(main):002:0> URI.escape '${option.username}'
=> "$%7Boption.username%7D"
irb(main):003:0> URI.escape '$%7Boption.username%7D'
=> "$%257Boption.username%257D"

atheiman commented 8 years ago

Actuallly, this is an issue with WEBrick. Shouldn't be a problem with passenger / apache I assume... The default acceptable chars for a URI are -_.!~*'()a-zA-Z\d

http://stackoverflow.com/a/5287528/3343740

A simpler fix for this might be swapping out WEBrick locally for passenger: bundle exec passenger start

This will require a config.ru

atheiman commented 8 years ago

a good example of config.ru with modular sinatra apps: https://groups.google.com/d/msg/sinatrarb/R2ay3usVrMU/a7eP1r1mIxwJ

atheiman commented 8 years ago

another modular sinatra app with config.ru example:

https://www.phusionpassenger.com/library/deploy/config_ru.html#sinatra

atheiman / better-chef-rundeck

URI escape default_ and override_ GET params #5