Sinatra converting backslash to forward slash - ruby

The JSON I'm posting to my webserver looks like this:
"qry_when":["date_is_in(\"X:\\Finqueries\\Dates\\earnings files\\earnings.wmt.txt\")"]
but in my sinatra code,
apost '/parsequery/*' do
data = params[:captures][0]
data looks like
"qry_when":["date_is_in(/"X:/Finqueries/Dates/earnings files/earnings.wmt.txt/")"]
Because the \" is getting turned into /", when I later call JSON.parse(data), I get a parsing error:
unexpected token at 'X:/Finqueries/Dates/earnings files/earnings.wmt.txt/")"]
Is there anyway to get Sinatra to not convert the backslashes to forward slashes?
EDIT: As a solution, I have javascript change all my "\" to %5C and single and double quotes to %27 before sending the json, and it's working now in both chrome and opera.

Related

How to disable double escaping url in golang?

It looks like golang reverseproxy double escapes url, when making a http request,
server receives:
/id/EbnfwIoiiXbtr6Ec44sfedeEsjrf0RcXkJneYukTXa%252BIFVla4ZdfRiMzfh%252FEGs7f
expected:
/id/EbnfwIoiiXbtr6Ec44sfedeEsjrf0RcXkJneYukTXa%2BIFVla4ZdfRiMzfh%2FEGs7f
Is there a way to avoid double escaping?
Go isn't double-escaping the URL. It's constructing the URL given the values that you gave it (which means escaping the path). You've already escaped the path. Don't do that. If you want to send +, then use +. Go will escape it correctly.
If you have an escaped path already for some reason, then unescape it with url.PathUnescape() before constructing the URL.

UTL_HTTP - needs to stop escaping reserved chars

I've got a REST WebService and a PLSQL Package, from which i want to call the WebService.
The parameters for the call are located within the URI of the WebService.
htttp://myservice:8080/some/path/action?value1=123456&value2=some chars&value3=aGermanSonderzeichenCalledÄ
As you can see, there are 2 problems with the URI. First the whitespace for value2 and second the special character for value3.
That said, it is clear to me that the URI has to be encoded to a more friendly format.
The WebService desires UTF-8, so the URI is encoded with:
UTL_URL.ESCAPE(url,false,'UTF-8').
This results in the following URI:
htttp://myservice:8080/some/path/action?value1=123456&value2=some%20chars&value3=aGermanSonderzeichenCalled%C3%84
So far, so good. This encoded URI is passed to UTL_HTTP.BEGIN_REQUEST(url,'GET').
When I execute this request, and intercept it with Wireshark, i can see that the actual URI that got called is:
htttp://myservice:8080/some/path/action?value1=123456&value2=some%2520chars&value3=aGermanSonderzeichenCalled%25C3%2584
What we can see is, that UTL_HTTP escapes the reserved character '%' to %25.
So in my case the whitespace first got converted to %20 and after that to %2520.
What I'm looking for is a way to stop UTL_HTTP from escaping the reserved characters.
As an alternative, a way in which UTL_HTTP deals with the whitespace and special character, without me calling UTL_URL, would also work for me.

Curl POST request with an array of strings as a paramter

I want to send a curl post request with query params. One of these params is an array of strings. An example for such a string (using Postman chrome extension):
http://www.example.com/my_rest_endpoint?start=123456&duration=11&array_param=["activity level"]
Now, how can I translate this request to a curl command? no matter what I do, I can't seem to send the last parameter, array_param to curl. I've tried escaping the quotes and/or brackets with \, tried using -i flag and other various options, all with no success.
Solution was very close to what benaryorg suggested: Brackets and spaces needs to be placed with %5B, %5D and + according to the url encoding. The quotes were escaped using \". The final result is:
http://www.example.com/my_rest_endpoint?start=123456&duration=11&array_param=%5B\"Activity+Level\"%5D".
Have you tried placing ' around the parameters instead of escaping?
Also if that does not work, you could try to escape them like this example from Wikipedia.
You can find the codes for encoding here.

Characters in string within post are being auto escaped

I am sending tokens via a POST request, but when I see them on the server it doesn't match up with what was sent.
"U2FsdGVkX1+pxBHFdSU4NiSIOdR2GCCBr/WF7AOSF5zQjRqjSoTeOKR0Dzwm\nNT+g\n" <-- Original
"U2FsdGVkX1+pxBHFdSU4NiSIOdR2GCCBr/WF7AOSF5zQjRqjSoTeOKR0Dzwm\\nNT+g\\n" <-- Result
Notice that the \n has been replaced with \\n. When I do the token lookup verification, of course, no result is found because the string I'm looking for is not the proper string anymore!
I'm not sure why this string is being auto changed like this or quite how to correct it. I'm just accessing this through the standard params like so.
token.verify(params["token"])
EDIT for further clarity
I'm viewing this from the terminal using the debugger gem. I have autoeval enabled and display with params["token"] without p or puts. I am not trying to create newline characters with \n. The literal \n is an actual part of the string that is received in the post. I randomly generate a token using a hashing and encryption library and the strings sometimes end up with these characters in them. If I run token.verify(params["token"]) from the debugger terminal I get nil back from the database as there is no match due to the extra backslash characters being added into the string.
If I directly run token.verify("U2FsdGVkX1+pxBHFdSU4NiSIOdR2GCCBr/WF7AOSF5zQjRqjSoTeOKR0Dzwm\nNT+g\n") from the debugger terminal I get the correct record back from the database. This leaves me thinking that either Rack or Sinatra is auto escaping the "special" characters in the string before I get a chance to even touch it.
This has something to with the way Ruby is handling special characters. From irb you can see this with a quick check like this.
"\\n" == '\n'
Unexpectedly; at least to me, this returns true as they are treated the same. Rather than trying to deal with special characters coming across the wire I ended up just base 64 encoding everything.

What's the correct way to get HTML from an AJAX Response in JSON Format?

I have an AJAX request that creates a 'post', and upon successful post, I want to get HTML to inject back into the DOM. Right now I'm returning a JSON array that details success/error, and when I have a success I also include the HTML for the post in the response. So, I parse the response as JSON, and set a key in the JSON array to a bunch of HTML Code.
Naturally, the HTML code is making the JSON array break -- what should I do to escape it (or is there a better way to do this?). I get an AJAX response with a JSON array like so:
[{response:"success"},{html:'<div class="this is going to break...
Thanks!
Contrary to what you're probably used to in JavaScript, ' can't begin a string in JSON. It's strictly a ". Single quotes work when you're passing JSON to JavaScript.. much like <br> works when you want to put an XHTML line break.
So, use " to open the HTML string, and sanitize your quotes with \".
json.org has more info WRT what you should sanitize. Though the list of special characters isn't long, it's probably best to use a library like Anurag suggests in a comment.
Apart from escaping double quotes as mention by BranTheMan, newlines also break JSON strings. You need to replace newlines with \n.
Personally I've found this to be enough:
// Don't know what your serverside language is, example in javascript syntax:
print(encodeJSON({
response : "success",
html : htmlString.replace(/\n/g,'\\n').replace(/"/g,'\\"')
}));

Resources