You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When parsing the query, the replacement operation of the '+' character should be performed before URI decoding. BASE64 encoded string in the query can contain '+' character which is currently replaced, so the BASE64 value is corrupted.
public QueryStringHttpHeaders(string query)
{
var splittedKeyValues = query.Split(Seperators, StringSplitOptions.RemoveEmptyEntries);
var values = new Dictionary<string, string>(splittedKeyValues.Length / 2, StringComparer.InvariantCultureIgnoreCase);
for (int i = 0; i < splittedKeyValues.Length; i += 2)
{
var key = Uri.UnescapeDataString(splittedKeyValues[i]);
string value = null;
if (splittedKeyValues.Length > i + 1)
{
value = Uri.UnescapeDataString(splittedKeyValues[i + 1]).Replace('+', ' ');
}
values[key] = value;
}
_count = values.Count;
_child = new HttpHeaders(values);
}
The replacing should be modified as follows: value = Uri.UnescapeDataString(splittedKeyValues[i + 1].Replace('+', ' '));
Additionally using the StringSplitOptions.RemoveEmptyEntries option can cause errors in the case the value is empty. I think it should be replaced by StringSplitOptions.None.
The text was updated successfully, but these errors were encountered:
When parsing the query, the replacement operation of the '+' character should be performed before URI decoding. BASE64 encoded string in the query can contain '+' character which is currently replaced, so the BASE64 value is corrupted.
The replacing should be modified as follows:
value = Uri.UnescapeDataString(splittedKeyValues[i + 1].Replace('+', ' '));Additionally using the
StringSplitOptions.RemoveEmptyEntriesoption can cause errors in the case the value is empty. I think it should be replaced byStringSplitOptions.None.The text was updated successfully, but these errors were encountered: