This repository was archived by the owner on Mar 19, 2019. It is now read-only.
Do not un-escape forward slashes in the request path #146
Comments
|
cc @troydai |
|
Most of the code already exists in https://github.com/aspnet/WebListener/blob/dev/src/Microsoft.Net.Http.Server/RequestProcessing/RequestUriBuilder.cs#L70-L71, we just need to turn it on and validate it. |
cesarblum
pushed a commit
that referenced
this issue
Dec 16, 2015
cesarblum
pushed a commit
that referenced
this issue
Dec 21, 2015
cesarblum
pushed a commit
that referenced
this issue
Dec 22, 2015
cesarblum
pushed a commit
that referenced
this issue
Dec 22, 2015
cesarblum
pushed a commit
that referenced
this issue
Dec 22, 2015
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
WebListener sits on Http.Sys and consumes it's CookedUri by default. Http.Sys defensively un-escapes %2F to a forward slash in violation of the spec. This breaks OData and other frameworks. HttpListener had an app.config setting (https://msdn.microsoft.com/en-us/library/ee624078%28v=vs.110%29.aspx?f=255&MSPPError=-2147217396) where you could ask it to re-parse the path without un-escaping %2F. WebListener should have this behavior by default.
For aspnet/KestrelHttpServer#124 we need something similar, so let's put this in shared code.
The text was updated successfully, but these errors were encountered: