Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

URL getting double/improperly encoded when % percent sign is present #2561

Open
joemsak opened this issue Apr 12, 2021 · 4 comments
Open

URL getting double/improperly encoded when % percent sign is present #2561

joemsak opened this issue Apr 12, 2021 · 4 comments

Comments

@joemsak
Copy link

joemsak commented Apr 12, 2021

Hi there - Rails 6.1 with Carrierwave main github branch (I need the fix mentioned here #2415 (comment))

So we have an uploader with a retina version with code like this:

version :retina do
  process resize_to_fill: [1600, 900]
  process :optimize

  def full_filename(for_file)
    super.tap do |file_name|
      file_name.gsub!('.', '@2x.').gsub!('retina_', '')
    end
  end
end

And when I call model.logo.retina.url I get something like this:

https://s3-host.aws-example.com/path/to/file%25402x.jpg?security-params...

I can see that %25 is supposed to be the % sign itself, and it should be forming %40 for the @ sign but it's not and therefore AWS bonks out with AccessDenied (which is how they handle 404)

For now my workaround is to use URI.decode(model.logo.retina.url) and I'm very lucky I only have this one retina version on one uploader, referenced in one place in my code, but you can imagine this would get out of hand, and I assume there should be (and might be, but I can't find it) a better way to handle this?

Thanks!

@joemsak
Copy link
Author

joemsak commented Apr 14, 2021

Just wanna add on to say I had this issue come up in another spot in my codebase. It's not really about the retina version obviously, it's about the % symbol being present in the URLs when they shouldn't be encoded to %25 because they are already encoding another character

@joemsak joemsak changed the title Retina version URL getting double encoded URL getting double/improperly encoded when % percent sign is present Apr 14, 2021
@joemsak
Copy link
Author

joemsak commented Apr 15, 2021

Another update on this. URI.decode(model.attachment.url) is not always the right thing to do, either. Sometimes there are % that need to be in there as-is, as part of the AWS token. I'm currently not sure what to do about this issue I'm having. Any help or advice is much appreciated

@joemsak
Copy link
Author

joemsak commented Apr 21, 2021

Current workaround to fix this issue globally is in my base uploader mixin:

module MyBaseUploader
  def url(*)
    super&.gsub('%25', '%')
  end
end

class SomeUploader < Carrierwave::Base::Uploader
  include MyBaseUploader
end

Since so far what needs to be fixed here is that the % is already involved in encoding some other character, but has itself been encoded, so the URLs which have encoded characters in them are being sort of over-encoded

@mshibuya mshibuya added this to the Release v3.0.0 milestone Apr 1, 2023
@mshibuya
Copy link
Member

mshibuya commented Apr 2, 2023

Tried with the filename test@2x.jpg but couldn't reproduce, just getting test%402x.jpg.
What setup are you using and how do you get the url? Can you provide the full uploader code?

@mshibuya mshibuya removed this from the Release v3.0.0 milestone Apr 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants