Browse Source

Only disallow objects and functions from being used for POST data

master
Kegan Myers 8 years ago
parent
commit
09548812b4
  1. 12
      build/typertext.js
  2. 2
      build/typertext.js.map
  3. 2
      build/typertext.min.js
  4. 2
      build/typertext.min.js.map
  5. 12
      lib/Typertext/Http/HttpUrl.ts
  6. 27
      test/Typertext/Http/HttpUrl.test.js

12
build/typertext.js

@ -132,19 +132,19 @@ var Typertext;
for (temp in data) {
var cur = data[temp];
if (typeof cur !== "object" && typeof cur !== "function") {
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
continue;
}
if (cur instanceof Array) {
for (var i = 0; i < cur.length; i++) {
if (typeof cur[i] !== "string") {
if (typeof cur[i] === "object" && typeof cur[i] !== "function") {
continue;
}
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur[i]) + "&";
}
continue;
}
if (typeof cur === "string") {
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
}
}

2
build/typertext.js.map
File diff suppressed because it is too large
View File

2
build/typertext.min.js
File diff suppressed because it is too large
View File

2
build/typertext.min.js.map
File diff suppressed because it is too large
View File

12
lib/Typertext/Http/HttpUrl.ts

@ -81,19 +81,19 @@ module Typertext.Http {
for (temp in data) {
var cur = data[temp];
if (typeof cur !== "object" && typeof cur !== "function") {
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
continue;
}
if (cur instanceof Array) {
for (var i = 0; i < cur.length; i++) {
if (typeof cur[i] !== "string") {
if (typeof cur[i] === "object" && typeof cur[i] !== "function") {
continue;
}
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur[i]) + "&";
}
continue;
}
if (typeof cur === "string") {
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
}
}

27
test/Typertext/Http/HttpUrl.test.js

@ -218,6 +218,33 @@ describe("Typertext.Http.HttpUrl", function () {
expect(actualOutput).toEqual(expectedOutput);
});
it("encodes a key with a number value", function () {
var input = {
"foo": 6
},
expectedOutput = "foo=6",
actualOutput = Typertext.Http.HttpUrl.UrlEncodeObject(input);
expect(actualOutput).toEqual(expectedOutput);
});
it("does not encode a key with an object value", function () {
var input = {
"foo": {}
},
expectedOutput = "",
actualOutput = Typertext.Http.HttpUrl.UrlEncodeObject(input);
expect(actualOutput).toEqual(expectedOutput);
});
it("does not encode a key with a function value", function () {
var input = {
"foo": function(){}
},
expectedOutput = "",
actualOutput = Typertext.Http.HttpUrl.UrlEncodeObject(input);
expect(actualOutput).toEqual(expectedOutput);
});
});
describe("UrlDecodeObject", function () {