Skip to content

A multipart graphql request is sensitive to the default charset of the jvm #392

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
hibnico opened this issue Oct 15, 2021 · 0 comments
Closed

A multipart graphql request is sensitive to the default charset of the jvm #392

hibnico opened this issue Oct 15, 2021 · 0 comments
Labels
bug
Milestone
13.0.0

Comments

@hibnico
Copy link

hibnico commented Oct 15, 2021

Describe the bug

  • having a GraphQL request which contains characters outside of the ASCII ones, encoded in UTF-8 for instance
  • this request being answered by a server which is configured to have as a default charset "US-ASCII"
  • it results in the data received in the business logic as badly encoded.

For instance, "testééé" is received as "test������"

Expected behavior
The encoding of the multipart request should be respected.

Additional context
I have found the culprit:
https://github.com/graphql-java-kickstart/graphql-java-servlet/blob/master/graphql-java-servlet/src/main/java/graphql/kickstart/servlet/GraphQLMultipartInvocationInputParser.java#L169
The function read of GraphQLMultipartInvocationInputParser is sensitive to the system charset.

Then what should be the correct charset to use ? I have searched hard to find an answer for a multipart, I haven't find a clear one in the specifications. As far as I can tell, the charset of the request should be used, and if none, it should be the default HTTP charset, ISO-8859-1. It is consistent with what I have find the code of tomcat:

It also tells me that the stream of the request shouldn't passed as argument to the various jackson parser in the code of GraphQLMultipartInvocationInputParser. The JSON specification expects only UTF-* encoding. The stream should be parsed as a string with the charset from the request, then send to the json parser.
cf: https://github.com/FasterXML/jackson-core/blob/2.13/src/main/java/com/fasterxml/jackson/core/JsonFactory.java#L1070
@hibnico hibnico added the bug label Oct 15, 2021
@eduarddrenth eduarddrenth mentioned this issue Jan 4, 2022
Closed
@oliemansm oliemansm added this to the 13.0.0 milestone Jan 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
13.0.0
Development

No branches or pull requests
2 participants
@hibnico @oliemansm