dhensby
commented
6 months ago Also, I think this is a fix, not a feat. Would you mind amending the commit message please?
Closed AlexanderTar closed 6 months ago
dhensby
commented
6 months ago Also, I think this is a fix, not a feat. Would you mind amending the commit message please?
dhensby
commented
6 months ago @AlexanderTar alternatively, if you allow maintainers to make pushes to your PR branch, I can make the amendments to the PR
AlexanderTar
commented
6 months ago Hi @dhensby - Thanks for reviewing
I have added some test cases from the spec and also made sure it is correctly implemented for @query-param
Feel free to merge if you're happy with this
AlexanderTar
commented
6 months ago Having to re-encode the query parameters is leading to inconsistencies and edge-case issues, really we need a way to get our hands on the raw value of the query string parameter and, I'm afraid, that looks like it'll mean manual parsing of the
url.searchprop.
According to the spec, this is the process for deriving @query-param component:
The value of the name parameter and the component value of a single named parameter are calculated by the following process:
My research showed that searchParams contains a map of URI decoded keys and values, so if name was provided with escaped characters, we have to decode it first before looking up. Similarly, once we found a respective value, it has to be encoded. I would imagine all edge cases should be covered by URL parsing code and as long as they are, we're safe to do encode-decode exercises
dhensby
commented
6 months ago Great - thanks for the clarification and the work put into these PRs! 🎉
github-actions[bot]
commented
6 months ago :tada: This PR is included in version 1.0.3 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures-19#name-path https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures-19#name-query