Skip to content

Don't set percent encoded queries into Rack Environment's QUERY_STRING #157

@ma2gedev

Description

@ma2gedev

Hi, thanks for making a nice gem!

I noticed Lamby does not set percent encoded queries into Rack environment's QUERY_STRING at this here. My application receives percent decoded queries set in ::Rack::QUERY_STRING. As a result, my app handles double percent decoded query parameters.

For example, inputting example.com/path?xxx=testquery%2B%3D into browser, then ::Rack::QUERY_STRING on Lamby is percent decode like the following:

"QUERY_STRING": "xxx=testquery+="

On the other hand, QUERY_STRING is like the following on Puma:

"QUERY_STRING": "xxx=testquery%2B%3D"

In my opinion, Lamby should sets percent encoded queries into ::Rack::QUERY_STRING like other rack web servers(Puma or Passenger, etc). Rack specification does not say details about QUERY_STRING. However it expects to set percent encoded queries because PATH_INFO may be percent-encoded.

https://github.com/rack/rack/blob/main/SPEC.rdoc

Though this may cause breaking changes, so should also consider to provide a config to change behavior.

Environment

My porject uses Lamby with combination of AWS Lambda integrataion and API Gateway REST API.

  • AWS Lambda integration with API Gateway REST API
  • Lamby version: 4.0.2
  • Rails version: 7.0.4.2

Expected Behavior

::Rack::QUERY_STRING application received is percent-encoded.

Actual Behavior

::Rack::QUERY_STRING application received is not percent-encoded.

Steps to Reproduce

  • create AWS Lambda
  • create API Gateway REST API and integrate with above AWS Lambda
  • enter percent encoded URL into browser

References

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions