cherry-pick 02e9866 from 0.2.17

christopherthielen · christopherthielen · commit affd29d1a7ab · 2016-01-31T11:41:48.000-06:00
diff --git a/src/params/paramTypes.ts b/src/params/paramTypes.ts
@@ -5,9 +5,12 @@ import {is, val} from "../common/hof";
 import {services} from "../common/coreservices";
 import {Type} from "./type";
 
-const swapString = (search, replace) => val => val != null ? val.toString().replace(search, replace) : val;
-const valToString   = swapString(/\//g, "%2F");
-const valFromString = swapString(/%2F/g, "/");
+// Use tildes to pre-encode slashes.
+// If the slashes are simply URLEncoded, the browser can choose to pre-decode them,
+// and bidirectional encoding/decoding fails.
+// Tilde was chosen because it's not a RFC 3986 section 2.2 Reserved Character
+function valToString(val) { return val != null ? val.toString().replace(/~/g, "~~").replace(/\//g, "~2F") : val; }
+function valFromString(val) { return val != null ? val.toString().replace(/~2F/g, "/").replace(/~~/g, "~") : val; }
 
 class ParamTypes {
   types: any;
diff --git a/src/url/urlMatcher.ts b/src/url/urlMatcher.ts
@@ -6,6 +6,7 @@ import {
 import {prop, propEq } from "../common/hof";
 import {isArray, isString} from "../common/predicates";
 import {Param, paramTypes} from "../params/module";
+import {isDefined} from "../common/predicates";
 
 interface params {
   $$validates: (params: string) => Array<string>;
@@ -283,10 +284,16 @@ export class UrlMatcher {
         if (param.replace[j].from === value) value = param.replace[j].to;
       }
       if (value && param.array === true) value = decodePathArray(value);
+      if (isDefined(value)) value = param.type.decode(value);
       values[param.id] = param.value(value);
     }
     forEach(searchParams, param => {
-      values[param.id] = param.value(search[param.id])
+      let value = search[param.id];
+      for (let j = 0; j < param.replace.length; j++) {
+        if (param.replace[j].from === value) value = param.replace[j].to;
+      }
+      if (isDefined(value)) value = param.type.decode(value);
+      values[param.id] = param.value(value);
     });
 
     if (hash) values["#"] = hash;
diff --git a/test/stateSpec.js b/test/stateSpec.js
@@ -329,7 +329,7 @@ describe('state', function () {
         onEnter: function(badness) {}
       })
       .state('resolveTimeout', {
-        url: "/:foo",
+        url: "/resolve-timeout/:foo",
         resolve: {
           value: function ($timeout) {
             return $timeout(function() { log += "Success!"; }, 1);
@@ -1266,6 +1266,84 @@ describe('state', function () {
       expect($state.current.name).toBe('');
     }));
 
+
+    // Tests for issue #2339
+    describe("slashes in parameter values", function() {
+
+      var $rootScope, $state, $compile;
+      beforeEach(function () {
+
+        stateProvider.state('myState', {
+          template: 'myState',
+          url: '/my-state?:previous',
+          controller: function () {
+            log += 'myController;';
+          }
+        });
+
+        inject(function (_$rootScope_, _$state_, _$compile_, $trace) {
+          //$trace.enable(1);
+          $rootScope = _$rootScope_;
+          $state = _$state_;
+          $compile = _$compile_;
+        });
+        spyOn($state, 'go').and.callThrough();
+        spyOn($state, 'transitionTo').and.callThrough();
+        $compile('<div><div ui-view/></div>')($rootScope);
+        log = '';
+      });
+
+      describe('with no "/" in the params', function () {
+        beforeEach(function () {
+          $state.go('myState',{previous: 'last'});
+          $rootScope.$digest();
+        });
+        it('should call $state.go once', function() {
+          expect($state.go.calls.count()).toBe(1);
+        });
+        it('should call $state.transitionTo once', function() {
+          expect($state.transitionTo.calls.count()).toBe(1);
+        });
+        it('should call myController once', function() {
+          expect(log).toBe('myController;');
+        });
+      });
+
+      describe('with a "/" in the params', function () {
+        beforeEach(function () {
+          $state.go('myState',{previous: '/last'});
+          $rootScope.$digest();
+        });
+        it('should call $state.go once', function() {
+          expect($state.go.calls.count()).toBe(1);
+        });
+        it('should call $state.transitionTo once', function() {
+          expect($state.transitionTo.calls.count()).toBe(1);
+        });
+        it('should call myController once', function() {
+          expect(log).toBe('myController;');
+        });
+      });
+
+      describe('with an encoded "/" in the params', function () {
+        beforeEach(function () {
+          $state.go('myState',{previous: encodeURIComponent('/last')});
+          $rootScope.$digest();
+        });
+        it('should call $state.go once', function() {
+          expect($state.go.calls.count()).toBe(1);
+        });
+        it('should call $state.transitionTo once', function() {
+          expect($state.transitionTo.calls.count()).toBe(1);
+        });
+        it('should call myController once', function() {
+          expect(log).toBe('myController;');
+        });
+      });
+    });
+
+
+
     describe("typed parameter handling", function() {
       beforeEach(function () {
         stateProvider.state({
diff --git a/test/urlMatcherFactorySpec.js b/test/urlMatcherFactorySpec.js
@@ -78,10 +78,40 @@ describe("UrlMatcher", function () {
     expect(matcher.format(array)).toBe('/?foo=bar&foo=baz');
   });
 
-  it("should encode and decode slashes in parameter values", function () {
-    var matcher = new UrlMatcher('/:foo');
-    expect(matcher.format({ foo: "/" })).toBe('/%252F');
-    expect(matcher.format({ foo: "//" })).toBe('/%252F%252F');
+  it("should encode and decode slashes in parameter values as ~2F", function () {
+    var matcher1 = new UrlMatcher('/:foo');
+
+    expect(matcher1.format({ foo: "/" })).toBe('/~2F');
+    expect(matcher1.format({ foo: "//" })).toBe('/~2F~2F');
+
+    expect(matcher1.exec('/')).toBeTruthy();
+    expect(matcher1.exec('//')).not.toBeTruthy();
+
+    expect(matcher1.exec('/').foo).toBe("");
+    expect(matcher1.exec('/123').foo).toBe("123");
+    expect(matcher1.exec('/~2F').foo).toBe("/");
+    expect(matcher1.exec('/123~2F').foo).toBe("123/");
+
+    // param :foo should match between two slashes
+    var matcher2 = new UrlMatcher('/:foo/');
+
+    expect(matcher2.exec('/')).not.toBeTruthy();
+    expect(matcher2.exec('//')).toBeTruthy();
+
+    expect(matcher2.exec('//').foo).toBe("");
+    expect(matcher2.exec('/123/').foo).toBe("123");
+    expect(matcher2.exec('/~2F/').foo).toBe("/");
+    expect(matcher2.exec('/123~2F/').foo).toBe("123/");
+  });
+
+  it("should encode and decode tildes in parameter values as ~~", function () {
+    var matcher1 = new UrlMatcher('/:foo');
+
+    expect(matcher1.format({ foo: "abc" })).toBe('/abc');
+    expect(matcher1.format({ foo: "~abc" })).toBe('/~~abc');
+
+    expect(matcher1.exec('/abc').foo).toBe("abc");
+    expect(matcher1.exec('/~~abc').foo).toBe("~abc");
   });
 
   describe("snake-case parameters", function() {
@@ -344,6 +374,8 @@ describe("UrlMatcher", function () {
 
       $location.url("/foo");
       expect(m.exec($location.path(), $location.search())).toEqual( { param1: undefined } );
+      $location.url("/foo?param1=");
+      expect(m.exec($location.path(), $location.search())).toEqual( { param1: undefined } );
       $location.url("/foo?param1=bar");
       expect(m.exec($location.path(), $location.search())).toEqual( { param1: [ 'bar' ] } );
       $location.url("/foo?param1=bar&param1=baz");
