RestTemplate fails to correctly parse some HTTP URI parameters [SPR-9791] #14424
Description
Eugen Paraschiv opened SPR-9791 and commented
For the following (non-standard but not prohibited) usage of parameters in an URI:
http://localhost:8080/rest-sec/api/privilege?q=name=value
Where the parameter should be (and indeed, both the browser as well as other libraries to parse it correctly like this):
name = q
value = name=jDiedXRD
Instead of identifying the one parameter, RestTemplate incorrectly identifies two:
q=name
value=null
This happens regardless of the fact that there isn't even a & delimiter in the entire URI.
This is because HttpUrlTemplate is used to parse the URI into UriComponents:
UriComponentsBuilder.fromUriString(uriTemplate).build();
This essentially fails to properly break out the parameter the regex.
Note: escaping the = character before using the template doesn't work either - the template escapes the entire URI again - which results in an invalid URI)
Affects: 3.1.2
Reference URL: http://forum.springsource.org/showthread.php?129138-Possible-bug-in-RestTemplate-double-checking-before-opening-a-JIRA&p=421494
Issue Links:
- Erroneous "0" returned where empty string expected in call through the RestTemplate [SPR-9832] #14465 Erroneous "0" returned where empty string expected in call through the RestTemplate ("duplicates")