edicl/hunchentoot

easy-handler errors out when raw bytes are passed as URL parameters


I'm running a dummy easy-handler that's just supposed to return a string, no matter what parameters I pass.

(hunchentoot:define-easy-handler (handle-announce :uri "/announce") ()
  "some string")

However, it returns a 400 when I request this URL:

http://127.0.0.1:4242/announce?field=%27%10%C5

I've confirmed that the issue is URL decoding -- it's trying to convert the raw bytes under the field parameter to UTF-8. This:

(hunchentoot::url-decode "http://127.0.0.1:4242/announce?field=%27%10%C5")

Causes the following error:

This sequence can't be decoded using UTF-8 as it is too short.  1 octet missing at the end.
   [Condition of type FLEXI-STREAMS:EXTERNAL-FORMAT-ENCODING-ERROR]
[...]
Backtrace:
  0: (FLEXI-STREAMS::SIGNAL-ENCODING-ERROR #<FLEXI-STREAMS::FLEXI-UTF-8-FORMAT (:UTF-8 :EOL-STYLE :LF) {1002051D53}> "This sequence can't be decoded ~ ..)
  1: ((:METHOD FLEXI-STREAMS::CHECK-END (T T T T)) #<unavailable argument> #<unused argument> #<unavailable argument> #<unavailable argument>) [fast-method]
  2: ((:METHOD FLEXI-STREAMS::COMPUTE-NUMBER-OF-CHARS (FLEXI-STREAMS::FLEXI-UTF-8-FORMAT T T T)) #<unavailable argument> #<unavailable argument> #<unavailable argument> #<unavailable argument>) [fast-metho..
  3: ((:METHOD FLEXI-STREAMS::OCTETS-TO-STRING* (FLEXI-STREAMS::FLEXI-UTF-8-FORMAT T T T)) #<FLEXI-STREAMS::FLEXI-UTF-8-FORMAT (:UTF-8 :EOL-STYLE :LF) {1002051D53}> #(104 116 116 112 58 47 ...) #<unavailab..

For context, part of the BitTorrent protocol sends raw bytes through URL parameters, which is how I ran into this issue.

Is this expected behaviour of Hunchentoot?

I'm not 100% sure where url-decode is getting called. I think the initialize-instance of requests calls form-url-encoded-list-to-alist on the parameters, which then uses url-decode.
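The failure reported above, as an added Python illustration (not Hunchentoot code and not part of the original issue): percent-decoding yields the octets 0x27 0x10 0xC5, and 0xC5 is a UTF-8 lead byte with no continuation byte after it, so strict character decoding fails, while decoding to bytes only preserves the value. The `binary_fields` allow-list and all function names are assumptions made for this sketch.

```python
from urllib.parse import urlsplit, unquote_to_bytes

# URL taken from the report above.
REPORTED_URL = "http://127.0.0.1:4242/announce?field=%27%10%C5"


def raw_query_params(url):
    """Percent-decode each query name/value to bytes, with no character decoding."""
    pairs = []
    for pair in urlsplit(url).query.split("&"):
        if not pair:
            continue
        name, _, value = pair.partition("=")
        # In form encoding '+' stands for a space; handle it before %XX decoding.
        pairs.append((unquote_to_bytes(name.replace("+", " ")),
                      unquote_to_bytes(value.replace("+", " "))))
    return pairs


def utf8_error_offset(octets):
    """Return the offset of the first invalid UTF-8 sequence, or None if valid."""
    try:
        octets.decode("utf-8")  # strict mode
    except UnicodeDecodeError as err:
        return err.start
    return None


def decode_params(url, binary_fields=frozenset()):
    """Decode text fields as strict UTF-8; return declared binary fields as bytes.

    binary_fields is a hypothetical per-handler allow-list of parameter names
    that carry raw octets. Raises ValueError (the server's 400 case) when a
    field that is not declared binary holds invalid UTF-8.
    """
    result = {}
    for raw_name, raw_value in raw_query_params(url):
        name = raw_name.decode("utf-8", errors="replace")
        if name in binary_fields:
            result[name] = raw_value
        elif utf8_error_offset(raw_value) is None:
            result[name] = raw_value.decode("utf-8")
        else:
            raise ValueError(f"parameter {name!r} is not valid UTF-8")
    return result


if __name__ == "__main__":
    print(raw_query_params(REPORTED_URL))
    print(decode_params(REPORTED_URL, binary_fields={"field"}))
```

Keeping strict UTF-8 as the default and opting individual fields into raw bytes means text parameters are still validated while binary ones reach the handler unmodified.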