Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add sanitising of quotes in URLs(and paths) #289

Merged
merged 1 commit into from
Jun 24, 2020
Merged

Add sanitising of quotes in URLs(and paths) #289

merged 1 commit into from
Jun 24, 2020

Conversation

shreys7
Copy link
Member

@shreys7 shreys7 commented Jun 22, 2020

Fixes postmanlabs/postman-app-support#8674
Single/double quotes were not handled correctly in some of the languages.

Languages affected:

  • cURL
  • Java Unirest
  • NodeJS Native (path)
  • Python http.client
  • Swift

@shreys7 shreys7 requested a review from umeshp7 June 22, 2020 11:59
@abhijitkane
Copy link
Member

abhijitkane commented Jun 23, 2020
edited
Loading

@shreys7 were the sanitize functions already written? Also, what would be the correct curl command for curl http://httpbin.org/get?a=a"b'c?

@shreys7
Copy link
Member Author

shreys7 commented Jun 23, 2020

@shreys7 were the sanitize functions already written? Also, what would be the correct curl command for curl http://httpbin.org/get?a=a"b'c?

So, we already had sanitize functions, which basically takes care of escaping a single quote inside a single quote, and the same for double quotes. The sanitization part was present in headers, bodies, etc. But some languages did not have sanitisation of URLs.
for curl http://httpbin.orf/get?a=a"b'c => we put the URL in quotes, and after proper escaping cURL command would look like curl 'http://httpbin.org/get?a=a"b'\''c'

Note: to escape a single quote within a single quote we need to replace a single quote with '\'' for cURL(shell)

@abhijitkane abhijitkane merged commit 7cf1a2d into develop Jun 24, 2020
@umeshp7 umeshp7 deleted the bugfix/quotes-in-url branch October 9, 2020 11:23
@VShingala VShingala mentioned this pull request Apr 19, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abhijitkane abhijitkane abhijitkane approved these changes

@umeshp7 umeshp7 Awaiting requested review from umeshp7

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Escape quotes in the generated code
2 participants
@shreys7 @abhijitkane