ShopifySharp
ShopifySharp copied to clipboard
Invalid regex on ParseRawQuerystring method in AuthorizationService
When trying to utilize the IsAuthenticRequest
function of the AuthorizationService by passing a QueryString as a string, the regex is not allowing for they key ids[]
to be parsed because it is only matching letters and periods with [\w\.]
. It should account for the array as well by using [\w\[\]\.]
instead. I got around this issue by converting my QueryString to a dictionary in the meantime which passed back a valid response, but I'm sure anyone that has tried to pass in a raw QueryString as a string and had an ids[]
array wasn't able to get a valid response.
See the images below that show that the library's ParseRawQuerystring
function is returning only 6 items in the dictionary while my dictionary is returning 7 items.
My authenticate request function:
My dictionary result dict
:
Library dictionary result test
:
Thanks @jeremy-mcalps that sounds like a bug indeed.
However, is there any reason why you don't use Request.Query
instead of creating the dictionary yourself from a string?
You should be able to pass this to the correct overload directly.
Haha no reason, simply used to using Request.QueryString
that I didn't even think to use Request.Query
. Just tested it out and it worked fine with Request.Query
instead.
@nozzlegear maybe we should remove the overload that takes a string?
@clement911 Sorry for the delay, you're suggesting we remove the overload that accepts the querystring as a string and let the devs just pass in Request.Query
or parse it themselves if they can't do that? I don't hate that idea, as I'm sure our querystring parsing is frought with issues like this one and I'd rather not take on another dependency just for querystring parsing.
Edit: although it would have to be in the next major release, in the meantime I can update the current method and add more unit tests for the ids[]
param.