Fix issue with query string parsing #111

klowe0100 · 2022-03-25T00:01:09Z

This issue was leading to incorrect message digests which led to a 403
forbidden error.

The query parameter 'fields' needed to be decoded before use. Otherwise,
it would be encoded twice somewhere inside the request.META.get
(i think -unconfirmed)

i.e
,(comma) -> %2C -> %252C

This extra encoding caused the message digests to mismatch leading to
the 403 error.

Willing to write test coverage and help implement an alternative fix approach if requested.
Django 4.0.3
Python 3.8
Wagtail 2.16.1

This issue was leading to incorrect message digests which led to a 403 forbidden error. The query parameter 'fields' needed to be decoded before use. Otherwise, it would be encoded twice somewhere inside the request.META.get (i think -unconfirmed) i.e ,(comma) -> %2C -> %252C This extra encoding caused the message digests to mismatch leading to the 403 error.

jacobtoppm

Thanks for contributing! I'm open to this, but I think it does need some test coverage - I haven't encountered this problem so far in testing, so we need to check this doesn't regress in future.

klowe0100 mentioned this pull request Mar 25, 2022

403 on getting list of pages #76

Open

jacobtoppm self-requested a review April 27, 2022 11:42

jacobtoppm requested changes Apr 27, 2022

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix issue with query string parsing #111

Fix issue with query string parsing #111

klowe0100 commented Mar 25, 2022

jacobtoppm left a comment

Fix issue with query string parsing #111

Are you sure you want to change the base?

Fix issue with query string parsing #111

Conversation

klowe0100 commented Mar 25, 2022

jacobtoppm left a comment

Choose a reason for hiding this comment