Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proper escaping of ext data #1

Open
algermissen opened this issue May 5, 2013 · 4 comments
Open

Proper escaping of ext data #1

algermissen opened this issue May 5, 2013 · 4 comments
Labels

Comments

@algermissen
Copy link
Owner

Currently, ext data ist not escaped correctly when added to the HMAC base string or header strings.

@PilchardFriendly
Copy link

Using 1.3 - It looks like the HawkContext builder doesn't allow quotes in the ext-data, but that AuthorisationHeader builder does.

For valid input ext data

{"value"="String with \"quotes\""}

should be valid.

This means supporting both quotes, escaped quotes, and other escape characters.

@PilchardFriendly
Copy link

But as a work-around, I'm just going to URL Encode my json payload

@algermissen
Copy link
Owner Author

If you need it, I can fix that. I had other issues I wasn't sure how to solve best (in the C-lib), hence escaping was deferred.

How urgent is the fix?

Jan

@PilchardFriendly
Copy link

As it turned out, I needed to URL encode the data anyway.

So no urgency on the fix at all.

Nick

On 19 May 2014, at 3:28 pm, Jan Algermissen [email protected] wrote:

If you need it, I can fix that. I had other issues I wasn't sure how to solve best (in the C-lib), hence escaping was deferred.

How urgent is the fix?

Jan


Reply to this email directly or view it on GitHub.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants