[Ves] vesMidasClient not escaping form data
Pat Marion
pat.marion at kitware.com
Wed Apr 3 18:39:29 EDT 2013
Thanks for catching the bug! I suppose it should escape everything, do you
agree? All those characters are going into a url.
Pat
On Thu, Apr 4, 2013 at 8:36 AM, David Thompson
<david.thompson at kitware.com>wrote:
> Hi all,
>
> I've run into an issue with some code I stole from vesMidasClient... it
> appears that vesMidasClient::renewToken() does not escape the API key (or
> any other parameters sent to request()). So, if you are unlucky, your Midas
> API key contains a plus sign ('+') and the server will unescape it into a
> space. That will prevent MIDAS from authenticating.
>
> I'm happy to push a fix, but am curious whether vesMidasClient::request()
> should just escape all of the parameters it is given or whether to manually
> escape only some parameters like the API key... Any opinions?
>
> Thanks,
> David
> _______________________________________________
> Ves mailing list
> Ves at public.kitware.com
> http://public.kitware.com/cgi-bin/mailman/listinfo/ves
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://public.kitware.com/pipermail/ves/attachments/20130404/670deebb/attachment-0002.html>
More information about the Ves
mailing list