From 0f0f9d2ade7645012285379de43ea863a570db55 Mon Sep 17 00:00:00 2001 From: Ben Murphy Date: Wed, 13 Sep 2023 14:59:48 +0100 Subject: [PATCH] Support for slash in group name Encode slash as %2F. If group name contained a / character then this would be interpreted by the elixir as a different routing segment. I'm not sure if this works across all browsers or network setups because maybe some browsers will unescape values in the path before submitting the path or middle boxes might rewrite the path to an unescaped form. --- lib/fun_with_flags/ui/templates.ex | 2 +- test/fun_with_flags/ui/templates_test.exs | 12 +++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/fun_with_flags/ui/templates.ex b/lib/fun_with_flags/ui/templates.ex index 8b0f6cb..2c4b846 100644 --- a/lib/fun_with_flags/ui/templates.ex +++ b/lib/fun_with_flags/ui/templates.ex @@ -80,6 +80,6 @@ defmodule FunWithFlags.UI.Templates do def url_safe(val) do val |> to_string() - |> URI.encode() + |> URI.encode(fn (c) -> c != ?/ and URI.char_unescaped?(c) end) end end diff --git a/test/fun_with_flags/ui/templates_test.exs b/test/fun_with_flags/ui/templates_test.exs index de31887..3bc5a7d 100644 --- a/test/fun_with_flags/ui/templates_test.exs +++ b/test/fun_with_flags/ui/templates_test.exs @@ -18,6 +18,16 @@ defmodule FunWithFlags.UI.TemplatesTest do end + describe "url_safe" do + test "it escapes / character" do + assert Templates.url_safe("/") == "%2F" + end + + test "it escapes { character" do + assert Templates.url_safe("{") == "%7B" + end + end + describe "_head()" do test "it renders", %{conn: conn} do out = Templates._head(conn: conn, title: "Coconut") @@ -153,7 +163,7 @@ defmodule FunWithFlags.UI.TemplatesTest do out = Templates.details(conn: conn, flag: flag) assert String.contains?(out, ~s{