How to preserve '+' sign in params in rails 5
How to preserve '+' sign in params in rails 5
I have an uri like this /store?email=google+@gmail.com
. Since '+' sign is allowed in email address, I need to preserve the plus sign. However, in rails 5, if I use params[:email]
, I get google @gmail.com
instead. How to prevent rails from converting '+' into space? I know we can first encode the url, and then decode it to preserve the '+' sign, but can I directly use params
instead of extracting params from uri? Is there a way to preserve the plus sign in params
?
/store?email=google+@gmail.com
params[:email]
google @gmail.com
params
params
Also I tried using URI.decode_www_form_component params[:email]
,which still didn't work. And since the url is provided by external source I can't ask them to explicitly encode +
as %2B
.
URI.decode_www_form_component params[:email]
+
%2B
Any suggestions will be appreciated!
@Schwern I didn't directly use that URI, instead I use the hash
params
to get the parameter email
– Patrick
Jun 30 at 3:21
params
email
"And since the url is provided by external source I can't ask them to explicitly encode + as %2B" You could give them an informative error message like "the email
google @gmail.com
is not valid". They'll figure it out.– Schwern
Jun 30 at 3:55
google @gmail.com
1 Answer
1
It's up to the users of your API to properly URI encode their parameters.
+
is a URI reserved character and has a special meaning, it's how you encode a space. If users want to send a literal +
they must URI encode it as %2B
. @
is also reserved and it should be encoded as %40
, though it might slip through.
+
+
%2B
@
%40
They need to send you /store?email=google%2B%40gmail.com
. Rails will decode it for you and params[:email]
will be google+@gmail.com
.
/store?email=google%2B%40gmail.com
params[:email]
google+@gmail.com
If you try to "fix" their mistake your application will not be behaving correctly and it will just cause more problems.
And since the url is provided by external source I can't ask them to explicitly encode + as %2B.
You're not asking them, they should already know how the standard works. Somebody got sloppy on their end.
Provide them with a useful error message and they'll figure it out.
email `google @gmail.com` is not valid
Thanks! But it seems
@
is correctly preserverd but +
is not.– Patrick
Jun 30 at 3:34
@
+
@Patrick Replacing
+
with a space is correct behavior for application/x-www-form-urlencoded
because spaces are not allowed in URLs. A @
might slip past. The details of exactly how escaping works get a bit complex. Rule of thumb is to percent escape any non-alphanumeric data. Better yet, use a library that does the escaping for you. See en.wikipedia.org/wiki/Percent-encoding#The_application/…– Schwern
Jun 30 at 3:50
+
application/x-www-form-urlencoded
@
+
is one way to encode a space in a URL.– Schwern
Jun 30 at 3:56
+
By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.
How are you using that URI? Some things will URI escape, others will not.
– Schwern
Jun 30 at 3:19