aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--actionpack/CHANGELOG2
-rwxr-xr-xactionpack/lib/action_controller/cgi_ext/cgi_methods.rb3
-rwxr-xr-xactionpack/test/controller/cgi_test.rb11
3 files changed, 15 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG
index e8e7f73134..78d73852bb 100644
--- a/actionpack/CHANGELOG
+++ b/actionpack/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Tolerate consecutive delimiters in query parameters. #2295 [darashi@gmail.com]
+
* Streamline render process, code cleaning. Closes #2294. [skae]
* Keep flash after components are rendered. #2291 [Rick Olson, Scott]
diff --git a/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb b/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb
index ac2dae9989..817d9d0d0d 100755
--- a/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb
+++ b/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb
@@ -11,6 +11,9 @@ class CGIMethods #:nodoc:
parsed_params = {}
query_string.split(/[&;]/).each { |p|
+ # Ignore repeated delimiters.
+ next if p.empty?
+
k, v = p.split('=',2)
v = nil if (v && v.empty?)
diff --git a/actionpack/test/controller/cgi_test.rb b/actionpack/test/controller/cgi_test.rb
index a896128168..b70b1628a6 100755
--- a/actionpack/test/controller/cgi_test.rb
+++ b/actionpack/test/controller/cgi_test.rb
@@ -14,6 +14,8 @@ class CGITest < Test::Unit::TestCase
"action=update_order&full_name=Lau%20Taarnskov&products=4&products=2&products=3"
@query_string_with_many_equal = "action=create_customer&full_name=abc=def=ghi"
@query_string_without_equal = "action"
+ @query_string_with_many_ampersands =
+ "&action=create_customer&&&full_name=David%20Heinemeier%20Hansson"
end
def test_query_string
@@ -66,7 +68,14 @@ class CGITest < Test::Unit::TestCase
CGIMethods.parse_query_parameters(@query_string_without_equal)
)
end
-
+
+ def test_query_string_with_many_ampersands
+ assert_equal(
+ { "action" => "create_customer", "full_name" => "David Heinemeier Hansson"},
+ CGIMethods.parse_query_parameters(@query_string_with_many_ampersands)
+ )
+ end
+
def test_parse_params
input = {
"customers[boston][first][name]" => [ "David" ],