JSON-RPC payloads don't need urldecode step

[cl0ne]

For 14 years due to problems with some JS library (5749449) JSON-RPC request handler expects payload to be URL encoded.

JSON-RPC specification doesn't even mention the need for percent-encoding at all (same goes for older spec). None of the popular JSON-RPC clients (at least, this applies to Perl, C#, Java, Python implementations) apply URL encoding to the produced JSON request. Consequently, any method parameter that contains percent symbol will be either decoded to a wrong value, or will more often cause request handling failure.

The example from "AJAX through JSON-RPC" documentation page is broken due to this issue as well. Just include percent symbol in any of the submitted arguments, and you'll get either response code 500 (when the resulting character sequence is not valid, e.g. hello%world), or received request with different argument values (e.g., hello%20world becomes hello world).

This can hardly be expected as a correct behaviour for JSON-RPC server, even though correcting it is a backwards-incompatible change.

[vinoski]

Thanks for the explanation. I agree the current code is incorrect, and given the lack of complaints about it, I think it will be OK in this case to break backwards-compatibility in favor of correct behavior.