users@jsr311.java.net

Re: Decoding '+' in path parameters

From: Marc Hadley <Marc.Hadley_at_Sun.COM>
Date: Tue, 10 Mar 2009 11:08:51 -0400

If you look at the production for the path component (http://tools.ietf.org/html/rfc3986#section-3.3
) then it looks to me like '+' is allowed without any kind of encoding:

segment = *pchar
pchar = unreserved / pct-encoded / sub-delims / ":" / "@"
sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
                   / "*" / "+" / "," / ";" / "="

URLDecoder is intended for use with URL query parameters that conform
to application/x-www-form-urlencoded.

I think your user is correct, the '+' should not be decoded if it part
of the path. You should only decode '+' within query parameters.

Marc.

On Mar 10, 2009, at 10:53 AM, Sergey Beryozkin wrote:
>
> PathParam values are automatically decoded by JAXRS implementations
> unless @Encoded is specified.
> In CXF we just use URLDecoder to decode. If '+' is contained in a
> given value then URLDecoder will produce an empty space instead of
> '+' and one of the CXF users sees it as a bug.
> I reckon that if a user percent-encoded a '+' or added @Encoded
> annotation to a path parameter, then things would work fine.
>
> What I'm kind of confused about is that '+' is listed at [1] as one
> of the reserved characters, and the test says that it is percent-
> encoded values that have to be decoded.
>
> Is CXF JAXRS-compliant (I'm asking it this way to make this post
> less off-topic :-)) in the way it decodes '+' (to space by default) ?
>
> Thanks, Sergey
>
> [1] http://tools.ietf.org/html/rfc3986