Skip to content

Commit 20e2cd0

Browse files
trowskitrowski
committed
Replace %2F in args with /
1 parent 5655ecb commit 20e2cd0

File tree

2 files changed

+12
-4
lines changed

2 files changed

+12
-4
lines changed

src/Router.php

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ public function handleRequest(Request $request): Response
7575

7676
$method = $request->getMethod();
7777

78-
$path = \str_ireplace('%2F', '%252F', $request->getUri()->getPath());
78+
$path = \str_ireplace('%2F', '%252F', $request->getUri()->getPath(), $replaceCount);
7979
$path = \rawurldecode($path);
8080

8181
$toMatch = "{$method}\0{$path}";
@@ -92,6 +92,11 @@ public function handleRequest(Request $request): Response
9292
* @var array<string, string> $routeArgs
9393
*/
9494
[, $requestHandler, $routeArgs] = $match;
95+
96+
if ($replaceCount > 0) {
97+
$routeArgs = \array_map(fn (string $arg) => \str_replace('%2F', '/', $arg), $routeArgs);
98+
}
99+
95100
$request->setAttribute(self::class, $routeArgs);
96101

97102
return $requestHandler->handleRequest($request);

test/RouterTest.php

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -209,16 +209,19 @@ public function testMerge(): void
209209

210210
public function testPathIsMatchedDecoded(): void
211211
{
212-
$requestHandler = new ClosureRequestHandler(function () {
212+
$requestHandler = new ClosureRequestHandler(function (Request $request) {
213+
$routeArgs = $request->getAttribute(Router::class);
214+
self::assertSame(['p1' => 'ba/Ω', 'p2' => '/?'], $routeArgs);
215+
213216
return new Response(HttpStatus::OK);
214217
});
215218

216219
$router = new Router($this->server, $this->testLogger, $this->errorHandler);
217-
$router->addRoute("GET", "/fo+%2Fö bar", $requestHandler);
220+
$router->addRoute("GET", "/fo+%2Fö bar/{p1}/{p2}", $requestHandler);
218221

219222
$this->server->start($router, $this->errorHandler);
220223

221-
$uri = "/fo+%2F" . \rawurlencode("ö ") . 'bar';
224+
$uri = "/fo+" . \rawurlencode("/ö ") . 'bar/ba' . \rawurlencode('') . '/' . \rawurlencode('/?');
222225

223226
$request = new Request($this->createMock(Client::class), "GET", Uri\Http::createFromString($uri));
224227
$response = $router->handleRequest($request);

0 commit comments

Comments
 (0)