modify url matcher to accomodate snake case GET request parameters

[mattbroekhuis]

No description provided.

[nateabele]

Wouldn't it be simpler to just add an i at the end?

[mattbroekhuis]

for case insensitive? I don't follow.

[laurelnaiad]

I assumed, perhaps wrongly, that the dash was the issue, possibly related to the stuff around double-decoding (or not) in the UrlMatcher.

[mattbroekhuis]

sorry i'm kinda new to github. am i doing it right here?

[ksperling]

Rather than just allowing dash-separated words, maybe we should just have a more general character class for what's allowed in a parameter name. Once you're going past \w it's not clear where to stop though... is hi%20bob a valid parameter name, and is it the same as hi bob?

[nateabele]

@Broeks Sorry, you're right. My brain replaced 'snake-case' with 'camel-case' for some reason. Anyway, yes, you GitHub'd correctly, good job. 👍

@ksperling I think this sort of answers it: http://stackoverflow.com/questions/2366260/whats-valid-and-whats-not-in-a-uri-query

[timkindberg]

@nateabele Its hard to be certain from that SO question, but I don't see - character used anywhere as a reserved. I'll post the relevant portion of that post here:

2.2. Reserved Characters

URIs include components and subcomponents that are delimited by characters in the "reserved" set. These characters are called "reserved" because they may (or may not) be defined as delimiters by the generic syntax, by each scheme-specific syntax, or by the implementation-specific syntax of a URI's dereferencing algorithm. If data for a URI component would conflict with a reserved character's purpose as a delimiter [emphasis added], then the conflicting data must be percent-encoded before the URI is formed.

   reserved    = gen-delims / sub-delims
   gen-delims  = ":" / "/" / "?" / "#" / "[" / "]" / "@"
   sub-delims  = "!" / "$" / "&" / "'" / "(" / ")"
               / "*" / "+" / "," / ";" / "="

3.3. Path Component

[...]

pchar         = unreserved / pct-encoded / sub-delims / ":" / "@"

[...]

3.4 Query Component

[...]

      query       = *( pchar / "/" / "?" )

It looks like:

• query is made up of a pchar OR '/' OR '?'.
• pchar is made up of any unreserved OR percent-encoded OR sub-delim OR ':' OR '@'
• reserved is made up of the characters shown above

So - would be considered an unreserved. I think that means it should be allowed. I could be WAY OFF.

[ksperling]

application/x-www-form-urlencoded would probably be the thing to look at... i.e. we're assuming that the search part of the URL is key-value pairs separated by & / =. So any character is allowed as long as it's percent-escaped (or '+' for space).

This means a URLMatcher pattern of '...?hi+bob&%20' should define two parameters, hi bob and .

To be consistent, we should probably also allow percent-encoding special character in path parameter names.

[laurelnaiad]

I was going to ask about why anything other than = and & would be a problem. If you can squeeze it through the browser then it can be a javascript string and thats whats needed for an associative array, right?

[nateabele]

I'm just gonna merge this for now since the fix is correct (if limited), and we have a release to push. We can come back and broaden it later.