search

unsplash / mercury

The guide of souls to the underworld.
https://unsplash.github.io/mercury/
MIT License
3 stars 0 forks source link

Slack requests missing URL encoding #14

Closed samhh closed 1 year ago

samhh commented 1 year ago

Repro directly against the Slack API:

$ # Replaced with a space character
$ curl -X POST https://slack.com/api/chat.postMessage --oauth2-bearer TOKEN -d channel=CHANNEL -d text=+

$ # Works
$ curl -X POST https://slack.com/api/chat.postMessage --oauth2-bearer TOKEN -d channel=CHANNEL -d text='%2B'

$ # Works
$ curl -X POST https://slack.com/api/chat.postMessage --oauth2-bearer TOKEN -d channel=CHANNEL --data-urlencode text=+

So far this has been confirmed to affect + and &.

Also -X POST is technically redundant but I guess better to be explicit.

samhh commented 1 year ago

Solved by consumers: https://github.com/unsplash/mercury/commit/80772c038d254cd3877d194969a38a26115decfa