Open
Description
The sub-delims characters should not be percent-encoded by the normalized_user and normalized_password methods in Addressable::URI as they are valid characters according to RFC 3986:
userinfo = *( unreserved / pct-encoded / sub-delims / ":" )
pct-encoded = "%" HEXDIG HEXDIG
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
/ "*" / "+" / "," / ";" / "="
Current behaviour:
>> Addressable::URI.parse('https://u$er!:pa$s@google.com').normalized_user
=> "u%24er%21"
>> Addressable::URI.parse('https://u$er!:pa$s@google.com').normalized_password
=> "pa%24s"
>> Addressable::URI.parse('https://u$er!:pa$s@google.com').normalized_userinfo
=> "u%24er%21:pa%24s"Expected behaviour:
>> Addressable::URI.parse('https://u$er!:pa$s@google.com').normalized_user
=> "u$er!"
>> Addressable::URI.parse('https://u$er!:pa$s@google.com').normalized_password
=> "pa$s"
>> Addressable::URI.parse('https://u$er!:pa$s@google.com').normalized_userinfo
=> "u$er!:pa$s"The characters are encoded in the following two places:
addressable/lib/addressable/uri.rb
Lines 955 to 958 in 4229164
addressable/lib/addressable/uri.rb
Lines 1010 to 1013 in 4229164
The second parameter to be passed to Addressable::URI.normalize_component should be /[^#{CharacterClasses::UNRESERVED + CharacterClasses::SUB_DELIMS}]/ instead of just /[^#{CharacterClasses::UNRESERVED}]/
Metadata
Assignees
Labels
No labels
Activity