Only disallow objects and functions from being used for POST data
This commit is contained in:
parent
769c779d8c
commit
09548812b4
|
@ -132,19 +132,19 @@ var Typertext;
|
||||||
for (temp in data) {
|
for (temp in data) {
|
||||||
var cur = data[temp];
|
var cur = data[temp];
|
||||||
|
|
||||||
|
if (typeof cur !== "object" && typeof cur !== "function") {
|
||||||
|
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
if (cur instanceof Array) {
|
if (cur instanceof Array) {
|
||||||
for (var i = 0; i < cur.length; i++) {
|
for (var i = 0; i < cur.length; i++) {
|
||||||
if (typeof cur[i] !== "string") {
|
if (typeof cur[i] === "object" && typeof cur[i] !== "function") {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur[i]) + "&";
|
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur[i]) + "&";
|
||||||
}
|
}
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (typeof cur === "string") {
|
|
||||||
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -81,19 +81,19 @@ module Typertext.Http {
|
||||||
for (temp in data) {
|
for (temp in data) {
|
||||||
var cur = data[temp];
|
var cur = data[temp];
|
||||||
|
|
||||||
|
if (typeof cur !== "object" && typeof cur !== "function") {
|
||||||
|
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
if (cur instanceof Array) {
|
if (cur instanceof Array) {
|
||||||
for (var i = 0; i < cur.length; i++) {
|
for (var i = 0; i < cur.length; i++) {
|
||||||
if (typeof cur[i] !== "string") {
|
if (typeof cur[i] === "object" && typeof cur[i] !== "function") {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur[i]) + "&";
|
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur[i]) + "&";
|
||||||
}
|
}
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (typeof cur === "string") {
|
|
||||||
rs += encodeURIComponent(temp) + "=" + encodeURIComponent(cur) + "&";
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -218,6 +218,33 @@ describe("Typertext.Http.HttpUrl", function () {
|
||||||
|
|
||||||
expect(actualOutput).toEqual(expectedOutput);
|
expect(actualOutput).toEqual(expectedOutput);
|
||||||
});
|
});
|
||||||
|
it("encodes a key with a number value", function () {
|
||||||
|
var input = {
|
||||||
|
"foo": 6
|
||||||
|
},
|
||||||
|
expectedOutput = "foo=6",
|
||||||
|
actualOutput = Typertext.Http.HttpUrl.UrlEncodeObject(input);
|
||||||
|
|
||||||
|
expect(actualOutput).toEqual(expectedOutput);
|
||||||
|
});
|
||||||
|
it("does not encode a key with an object value", function () {
|
||||||
|
var input = {
|
||||||
|
"foo": {}
|
||||||
|
},
|
||||||
|
expectedOutput = "",
|
||||||
|
actualOutput = Typertext.Http.HttpUrl.UrlEncodeObject(input);
|
||||||
|
|
||||||
|
expect(actualOutput).toEqual(expectedOutput);
|
||||||
|
});
|
||||||
|
it("does not encode a key with a function value", function () {
|
||||||
|
var input = {
|
||||||
|
"foo": function(){}
|
||||||
|
},
|
||||||
|
expectedOutput = "",
|
||||||
|
actualOutput = Typertext.Http.HttpUrl.UrlEncodeObject(input);
|
||||||
|
|
||||||
|
expect(actualOutput).toEqual(expectedOutput);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("UrlDecodeObject", function () {
|
describe("UrlDecodeObject", function () {
|
||||||
|
|
Reference in New Issue