openapi-typescript-codegen
openapi-typescript-codegen copied to clipboard
ferdikoomen
URI components are not correctly URI encoded by default
Steps to reproduce
-
Generate an API call that accepts a path parameter.
E.g.
public static getPerson({ id, }: { /** * The ID of the Person to get. */ id?: string, }): CancelablePromise<Person> { return __request(OpenAPI, { method: 'GET', url: '/api/person/{id}', path: { 'id': id, }, }); } -
Try to pass a path parameter that contains any characters that are valid in a URI, but may break the URI if included as a path component. These include characters like
/,?,&. For example using forward slashes:getPerson({id: "/x/y/1"}).
Expected Result
Path parameter is URL encoded.
In the above example /x/y/1 should be encoded to %2Fx%2Fy%2F1 and passed into the URL, where the final request in the above example is GET /api/person/%2Fx%2Fy%2F1.
Actual Result
URL is constructed without encoding the component.
In the above example, this leads to /api/person/x/y/1.
I've noticed that the docs say that using encodeURI is the default when encoding path parameters, and that the recommendation is to adjust the ENCODE_PATH parameter if you want to change the behaviour.
I'm curious as to why encodeURIComponent is not the default, when the goal here is to encode path parameters, which is the exact use-case of encodeURIComponent. The use-case of encodeURI is to encode entire URIs, where forward slashes (among other characters) are valid.
I'm happy to submit a PR to change this default if agreed, but otherwise I'm curious to hear your thoughts @ferdikoomen .
Agree with @lukeknxt! Just spent an hour debugging why my path param with value @AD# get converted into @AD..
encodeURIComponent should be used by default for sure.
