diff options
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/CHANGELOG | 2 | ||||
| -rwxr-xr-x | actionpack/lib/action_controller/cgi_ext/cgi_methods.rb | 3 | ||||
| -rwxr-xr-x | actionpack/test/controller/cgi_test.rb | 13 |
3 files changed, 15 insertions, 3 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index e4d011581e..98a7469b75 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *SVN* +* Skip params with empty names, such as the &=Save query string from <input type="submit"/>. #2569 [manfred, raphinou@yahoo.com] + * Fix assert_tag so that :content => "foo" does not match substrings, but only exact strings. Use :content => /foo/ to match substrings. #2799 [Eric Hodel] * Add descriptive messages to the exceptions thrown by cgi_methods. #6091, #6103 [Nicholas Seckar, Bob Silva] diff --git a/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb b/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb index 3c2a1abbb6..de412a4683 100755 --- a/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb +++ b/actionpack/lib/action_controller/cgi_ext/cgi_methods.rb @@ -11,6 +11,7 @@ class CGIMethods #:nodoc: pairs = query_string.split('&').collect do |chunk| next if chunk.empty? key, value = chunk.split('=', 2) + next if key.empty? value = (value.nil? || value.empty?) ? nil : CGI.unescape(value) [ key, value ] end.compact @@ -26,7 +27,7 @@ class CGIMethods #:nodoc: until finished finished = true for key, value in params - next unless key + next if key.blank? if !key.include?('[') # much faster to test for the most common case first (GET) # and avoid the call to build_deep_hash diff --git a/actionpack/test/controller/cgi_test.rb b/actionpack/test/controller/cgi_test.rb index 4f04a42e84..2d21e0ae97 100755 --- a/actionpack/test/controller/cgi_test.rb +++ b/actionpack/test/controller/cgi_test.rb @@ -16,7 +16,8 @@ class CGITest < Test::Unit::TestCase @query_string_with_many_equal = "action=create_customer&full_name=abc=def=ghi" @query_string_without_equal = "action" @query_string_with_many_ampersands = - "&action=create_customer&&&full_name=David%20Heinemeier%20Hansson" + "&action=create_customer&&&full_name=David%20Heinemeier%20Hansson" + @query_string_with_empty_key = "action=create_customer&full_name=David%20Heinemeier%20Hansson&=Save" end def test_query_string @@ -99,6 +100,13 @@ class CGITest < Test::Unit::TestCase CGIMethods.parse_query_parameters(@query_string_without_equal) ) end + + def test_query_string_with_empty_key + assert_equal( + { "action" => "create_customer", "full_name" => "David Heinemeier Hansson" }, + CGIMethods.parse_query_parameters(@query_string_with_empty_key) + ) + end def test_query_string_with_many_ampersands assert_equal( @@ -117,7 +125,8 @@ class CGITest < Test::Unit::TestCase "something_nil" => [ nil ], "something_empty" => [ "" ], "products[first]" => [ "Apple Computer" ], - "products[second]" => [ "Pc" ] + "products[second]" => [ "Pc" ], + "" => [ 'Save' ] } expected_output = { |