Closed
Bug 1213870
Opened 9 years ago
Closed 4 years ago
URL.hash should not percent-encode the fragment automatically
Categories
(Core :: Networking, defect, P3)
Core
Networking
Tracking
()
RESOLVED
INVALID
People
(Reporter: tommaso.dama, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: regression, Whiteboard: [necko-backlog])
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 Steps to reproduce: I used to parse with JSON.parse() the window.location.hash string successfully. With the latest version (41.0.1) the hash string is automatically encoded, therefore if I have a JSON string in the hash this string get it's double quotes replaced and encoded with %22, throwing an error while parsing the string with JSON.parse(). earlier versions work fine. Actual results: The browser throws an error Expected results: The string returned by the window.location.hash property shouldn't be encoded or automatically decoded.
Reporter | ||
Updated•9 years ago
|
Summary: FF V.41.0.1 - window.location.hash encoded automatically → FF V.41.0.1 - window.location.hash automatically automatically breaks JSON.parse(window.location.hash)
Comment 1•9 years ago
|
||
Although " is an invalid character in a URL, IE/Chrome/Edge does not escape " blindly. This will break the web[tm]. The URL standard also violate RFC 3986 intentionally. https://url.spec.whatwg.org/#fragment-state
Status: UNCONFIRMED → NEW
Component: Untriaged → Networking
Ever confirmed: true
Keywords: regression
Product: Firefox → Core
Comment 2•9 years ago
|
||
Note that we should not unescape the fragment as previous versions of Firefox did, either.
Updated•9 years ago
|
Summary: FF V.41.0.1 - window.location.hash automatically automatically breaks JSON.parse(window.location.hash) → URL.hash should not percent-encode the fragment automatically
Comment 3•9 years ago
|
||
(In reply to tommaso.dama from comment #0) > I used to parse with JSON.parse() the window.location.hash string > successfully. With the latest version (41.0.1) the hash string is > automatically encoded, therefore if I have a JSON string in the hash this > string get it's double quotes replaced and encoded with %22, throwing an > error while parsing the string with JSON.parse(). FWIW, you should not assume that the fragment is always unescaped.
Reporter | ||
Comment 4•9 years ago
|
||
(In reply to Masatoshi Kimura [:emk] from comment #3) > (In reply to tommaso.dama from comment #0) > > I used to parse with JSON.parse() the window.location.hash string > > successfully. With the latest version (41.0.1) the hash string is > > automatically encoded, therefore if I have a JSON string in the hash this > > string get it's double quotes replaced and encoded with %22, throwing an > > error while parsing the string with JSON.parse(). > > FWIW, you should not assume that the fragment is always unescaped. Yep, I'll change the code in order to prevent this kind of issues in the future. Anyway, are you (FF team) going to rollback this change to the old behaviour?
Updated•8 years ago
|
Whiteboard: [necko-backlog]
Comment 5•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Comment 6•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
Comment 7•4 years ago
|
||
Per https://jsdom.github.io/whatwg-url/#url=aHR0cHM6Ly9leGFtcGxlLmNvbS8jIg==&base=YWJvdXQ6Ymxhbms= this is interoperable across browsers.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•