Description
Any text input field containing '&' (encoded as %26) is wrongly parsed as further arguments because Parsing.cpp performs urlDecode() on the entire buffer for the "application/x-www-form-urlencoded" type header. Instead, URL decoding should be executed on the parsed arguments themselves in _parseArguments().
(Indeed, in 2.4.0-rc.1 _parseArguments() already performs urlDecode() on the parsed arguments.)
ESP8266WebServer/src/Parsing.cpp, lines 185-189:

    if (contentLength > 0) {
      if (searchStr != "") searchStr += '&';
      if (isEncoded) {
        // url encoded form
        String decoded = urlDecode(plainBuf);  // <-- Cause of error

Hence
plainBuf: arg0=arg0_value&arg1=arg1_value&arg2=inner_arg0%3Dinner_arg0_value%26inner_arg1%3Dinner_arg1_value%26inner_arg2%3Dinner_arg2_value
becomes
decoded : arg0=arg0_value&arg1=arg1_value&arg2=inner_arg0=inner_arg0_value&inner_arg1=inner_arg1_value&inner_arg2=inner_arg2_value
which is then parsed in _parseArguments() as:
arg0 : arg0_value
arg1 : arg1_value
arg2 : inner_arg0=inner_arg0_value
inner_arg1 : inner_arg1_value
inner_arg2 : inner_arg2_value
though it should have been parsed to:
arg0 : arg0_value
arg1 : arg1_value
arg2 : inner_arg0=inner_arg0_value&inner_arg1=inner_arg1_value&inner_arg2=inner_arg2_value
I fixed the issue temporarily as follows (Parsing.cpp, lines 185-194):

    if (contentLength > 0) {
      if (searchStr != "") searchStr += '&';
      //if(isEncoded){
        //url encoded form
        // String decoded = urlDecode(plainBuf); --> plainBuf should not be decoded. Parameters should be decoded instead
        // size_t decodedLen = decoded.length();
        // memcpy(plainBuf, decoded.c_str(), decodedLen);
        // plainBuf[decodedLen] = 0;
        searchStr += plainBuf;
      //}

though it may need a finer resolution by the original author(s).
Hardware
Hardware: Sparkfun ESP8266 Thing Developer
Core Version: 2.4.0-rc.1
Settings in IDE
Module: Sparkfun ESP8266 Thing Developer
Flash Size: 512
CPU Frequency: 80Mhz
Flash Mode: qio
Flash Frequency: 40Mhz
Upload Using: SERIAL
Reset Method: nodemcu
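
The two decoding orders described in this report, side by side, as an added example that is not part of the original issue or of the ESP8266WebServer code. It assumes std::string in place of the Arduino String class; urlDecode() and parseForm() here are hypothetical stand-ins written for the illustration, and kBody is the plainBuf value quoted above.

```cpp
// Added illustration: std::string replaces Arduino String; helpers are hypothetical.
#include <cctype>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <utility>
#include <vector>
using Args = std::vector<std::pair<std::string, std::string>>;

// Constructed input: the plainBuf from the report above.
const std::string kBody = "arg0=arg0_value&arg1=arg1_value&arg2=inner_arg0%3Dinner_arg0_value"
                          "%26inner_arg1%3Dinner_arg1_value%26inner_arg2%3Dinner_arg2_value";

// Percent-decode one string; '+' becomes a space, malformed escapes are kept as-is.
std::string urlDecode(const std::string& in) {
    std::string out;
    for (size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '%' && i + 2 < in.size() &&
            std::isxdigit((unsigned char)in[i + 1]) && std::isxdigit((unsigned char)in[i + 2])) {
            out += static_cast<char>(std::strtol(in.substr(i + 1, 2).c_str(), nullptr, 16));
            i += 2;
        } else {
            out += (in[i] == '+') ? ' ' : in[i];
        }
    }
    return out;
}

// decodeFirst=true: decode the whole buffer, then split (the reported behaviour).
// decodeFirst=false: split on the raw '&' and '=', then decode each key and value.
Args parseForm(const std::string& body, bool decodeFirst) {
    const std::string buf = decodeFirst ? urlDecode(body) : body;
    Args args;
    for (size_t pos = 0; pos <= buf.size();) {
        size_t amp = buf.find('&', pos);
        if (amp == std::string::npos) amp = buf.size();
        const std::string tok = buf.substr(pos, amp - pos);
        const size_t eq = tok.find('=');
        const std::string key = tok.substr(0, eq);
        const std::string val = (eq == std::string::npos) ? "" : tok.substr(eq + 1);
        if (!tok.empty())
            args.emplace_back(decodeFirst ? key : urlDecode(key), decodeFirst ? val : urlDecode(val));
        pos = amp + 1;
    }
    return args;
}

int main() {
    std::printf("decode-then-split: %zu args\n", parseForm(kBody, true).size());
    std::printf("split-then-decode: %zu args\n", parseForm(kBody, false).size());
}
```

With decode-then-split, the content of a single field value becomes additional top-level arguments, so a handler that reads `inner_arg1` cannot tell whether it came from its own form field or from inside another field's value.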