You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
Commit 90802d6 closed issue #954 and also added auto escaping of single quotes in the url. I've come across cases where an unescaped single quote is a legitimate, expected part of the URL (see Azure API's here: http://msdn.microsoft.com/en-us/library/dd179387.aspx). Watching these Azure REST calls with fiddler2 on Windows (using a different Azure client) shows the URL's going through with the single quotes intact (not escaped).
Since (in the Azure example) the URL is also used in creating the Authentication http header, having the URL changed "under the covers" creates an authentication error because the URL (after being auto escaped) does not match the one used to calculate the Authentication header.
I've been able to work around the issue so far by escaping the single quotes myself (before creating the Authentication header) and this works with Azure. However (IMHO) the URL specified in 'request' (etc.) should be the same URL that goes out over the wire -- it's more predictable that way.
Thanks!
The text was updated successfully, but these errors were encountered:
I'd say, let's not revert 90802d6, but it does make sense to not auto-escape single-quotes.
According to the spec, single-quotes are delimiters, and absolutely cannot appear unescaped in a url. On the other hand, every browser allows it, so we probably should as well.
@pofallon This should be working as you originally requested on master/v0.8. Please comment here if I'm misunderstanding it. We decided to just go ahead and allow delimiters, but escape them, since that's what the browser does if you put a delimiter char in the url bar or in a <a href="...">.
Commit 90802d6 closed issue #954 and also added auto escaping of single quotes in the url. I've come across cases where an unescaped single quote is a legitimate, expected part of the URL (see Azure API's here: http://msdn.microsoft.com/en-us/library/dd179387.aspx). Watching these Azure REST calls with fiddler2 on Windows (using a different Azure client) shows the URL's going through with the single quotes intact (not escaped).
Since (in the Azure example) the URL is also used in creating the Authentication http header, having the URL changed "under the covers" creates an authentication error because the URL (after being auto escaped) does not match the one used to calculate the Authentication header.
I've been able to work around the issue so far by escaping the single quotes myself (before creating the Authentication header) and this works with Azure. However (IMHO) the URL specified in 'request' (etc.) should be the same URL that goes out over the wire -- it's more predictable that way.
Thanks!
The text was updated successfully, but these errors were encountered: