From 1c45c62cbd355592d7c482a2a6ce37feded6cf04 Mon Sep 17 00:00:00 2001 From: Oliwia Rogala Date: Wed, 30 Oct 2024 15:44:54 +0100 Subject: [PATCH] fix(http): fix encoding of parameter separators --- src/http/serializers/request/format.js | 12 +++++++++--- test/bugs/ui-4071.js | 2 +- test/oas3/execute/main.js | 2 +- test/oas3/execute/style-explode/query.js | 8 ++++---- 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/src/http/serializers/request/format.js b/src/http/serializers/request/format.js index cd6f9e521..2a6c7e742 100644 --- a/src/http/serializers/request/format.js +++ b/src/http/serializers/request/format.js @@ -121,6 +121,10 @@ function formatKeyValueBySerializationOption(key, value, skipEncoding, serializa : serializationOption && serializationOption.allowReserved ? 'unsafe' : 'reserved'; + const styleSeparator = + style === 'form' && !serializationOption?.allowReserved && !skipEncoding + ? '%2C' + : STYLE_SEPARATORS[style]; const encodeFn = (v) => valueEncoder(v, escape); const encodeKeyFn = skipEncoding ? (k) => k : (k) => encodeFn(k); @@ -137,7 +141,7 @@ function formatKeyValueBySerializationOption(key, value, skipEncoding, serializa // Otherwise, the caller will convert it to a query by qs.stringify. return [[encodeKeyFn(key), value.map(encodeFn)]]; } - return [[encodeKeyFn(key), value.map(encodeFn).join(STYLE_SEPARATORS[style])]]; + return [[encodeKeyFn(key), value.map(encodeFn).join(styleSeparator)]]; } // Object @@ -156,8 +160,10 @@ function formatKeyValueBySerializationOption(key, value, skipEncoding, serializa [ encodeKeyFn(key), Object.keys(value) - .map((valueKey) => [`${encodeKeyFn(valueKey)},${encodeFn(value[valueKey])}`]) - .join(','), + .map((valueKey) => [ + `${encodeKeyFn(valueKey)}${styleSeparator}${encodeFn(value[valueKey])}`, + ]) + .join(styleSeparator), ], ]; } diff --git a/test/bugs/ui-4071.js b/test/bugs/ui-4071.js index 346b74371..bc0b984b8 100644 --- a/test/bugs/ui-4071.js +++ b/test/bugs/ui-4071.js @@ -64,6 +64,6 @@ test('should generate a request with application/x-www-form-urlencoded', () => { headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, - body: 'industries=1,16', + body: 'industries=1%2C16', }); }); diff --git a/test/oas3/execute/main.js b/test/oas3/execute/main.js index 88dc06a5c..ca72460a1 100644 --- a/test/oas3/execute/main.js +++ b/test/oas3/execute/main.js @@ -782,7 +782,7 @@ describe('buildRequest - OpenAPI Specification 3.0', () => { expect(req).toEqual({ method: 'POST', - url: `/?arrayOfObjects=${escape('{"a":{"b":"c"}}')},${escape('{"d":{"e":"f"}}')}&arrayOfArrays=${escape('[{"a":{"b":"c"}}]')}`, + url: `/?arrayOfObjects=${escape('{"a":{"b":"c"}},{"d":{"e":"f"}}')}&arrayOfArrays=${escape('[{"a":{"b":"c"}}]')}`, credentials: 'same-origin', headers: { headerArrayOfObjects: '{"a":{"b":"c"}},{"d":{"e":"f"}}', diff --git a/test/oas3/execute/style-explode/query.js b/test/oas3/execute/style-explode/query.js index e1c66b5f8..151598d0b 100644 --- a/test/oas3/execute/style-explode/query.js +++ b/test/oas3/execute/style-explode/query.js @@ -540,7 +540,7 @@ describe('OAS 3.0 - buildRequest w/ `style` & `explode` - query parameters', () expect(req).toEqual({ method: 'GET', - url: `/users?id=3,4,5,${SAFE_INPUT_RESULT}`, + url: `/users?id=3%2C4%2C5%2C${SAFE_INPUT_RESULT}`, credentials: 'same-origin', headers: {}, }); @@ -617,7 +617,7 @@ describe('OAS 3.0 - buildRequest w/ `style` & `explode` - query parameters', () expect(req).toEqual({ method: 'GET', - url: '/users?id=%3A,%2F,%3F,%23,%5B,%5D,%40,%21,%24,%26,%27,%28,%29,%2A,%2B,%2C,%3B,%3D', + url: '/users?id=%3A%2C%2F%2C%3F%2C%23%2C%5B%2C%5D%2C%40%2C%21%2C%24%2C%26%2C%27%2C%28%2C%29%2C%2A%2C%2B%2C%2C%2C%3B%2C%3D', credentials: 'same-origin', headers: {}, }); @@ -1123,7 +1123,7 @@ describe('OAS 3.0 - buildRequest w/ `style` & `explode` - query parameters', () expect(req).toEqual({ method: 'GET', - url: `/users?id=role,admin,firstName,Alex,greeting,${SAFE_INPUT_RESULT}`, + url: `/users?id=role%2Cadmin%2CfirstName%2CAlex%2Cgreeting%2C${SAFE_INPUT_RESULT}`, credentials: 'same-origin', headers: {}, }); @@ -1206,7 +1206,7 @@ describe('OAS 3.0 - buildRequest w/ `style` & `explode` - query parameters', () expect(req).toEqual({ method: 'GET', - url: `/users?id=role,admin,firstName,${RESERVED_INPUT_ENCODED_RESULT}`, + url: `/users?id=role%2Cadmin%2CfirstName%2C${RESERVED_INPUT_ENCODED_RESULT}`, credentials: 'same-origin', headers: {}, });