From 1d0c6ce332ec0b240c4d783450a9059c6053440b Mon Sep 17 00:00:00 2001 From: Ole Martin Handeland Date: Fri, 7 Oct 2022 08:46:17 +0200 Subject: [PATCH] Encoding fields in HTTP headers (#523) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Encoding fields to make sure we don't send UTF8 inside the HTTP header * Updating reference to use æøå (which is not allowed in JsonSchema, but the app should now crash with this component ID either) Co-authored-by: Ole Martin Handeland --- .../form/data/submit/submitFormDataSagas.test.ts | 12 ++++++------ .../features/form/data/submit/submitFormDataSagas.ts | 8 ++++---- test/cypress/e2e/pageobjects/app-frontend.js | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.test.ts b/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.test.ts index 0e4d2ceedf..9a4a32a526 100644 --- a/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.test.ts +++ b/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.test.ts @@ -94,8 +94,8 @@ describe('submitFormDataSagas', () => { [ call(put, dataElementUrl(defaultDataElementGuid), model, { headers: { - 'X-DataField': field, - 'X-ComponentId': componentId, + 'X-DataField': encodeURIComponent(field), + 'X-ComponentId': encodeURIComponent(componentId), }, }), {}, @@ -167,8 +167,8 @@ describe('submitFormDataSagas', () => { { headers: { party: `partyid:${stateMock.party.selectedParty.partyId}`, - 'X-DataField': field, - 'X-ComponentId': componentId, + 'X-DataField': encodeURIComponent(field), + 'X-ComponentId': encodeURIComponent(componentId), }, }, model, @@ -257,8 +257,8 @@ describe('submitFormDataSagas', () => { getStatelessFormDataUrl(currentDataType, true), { headers: { - 'X-DataField': field, - 'X-ComponentId': componentId, + 'X-DataField': encodeURIComponent(field), + 'X-ComponentId': encodeURIComponent(componentId), }, }, model, diff --git a/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.ts b/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.ts index 566d65d998..23a68f4935 100644 --- a/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.ts +++ b/src/altinn-app-frontend/src/features/form/data/submit/submitFormDataSagas.ts @@ -132,8 +132,8 @@ export function* putFormData({ try { const options: AxiosRequestConfig = { headers: { - 'X-DataField': field, - 'X-ComponentId': componentId, + 'X-DataField': encodeURIComponent(field), + 'X-ComponentId': encodeURIComponent(componentId), }, }; yield call(put, dataElementUrl(defaultDataElementGuid), model, options); @@ -224,8 +224,8 @@ export function* saveStatelessData({ const allowAnonymous = yield select(makeGetAllowAnonymousSelector()); let options: AxiosRequestConfig = { headers: { - 'X-DataField': field, - 'X-ComponentId': componentId, + 'X-DataField': encodeURIComponent(field), + 'X-ComponentId': encodeURIComponent(componentId), }, }; if (!allowAnonymous) { diff --git a/test/cypress/e2e/pageobjects/app-frontend.js b/test/cypress/e2e/pageobjects/app-frontend.js index 88466268ba..ad23e438e3 100644 --- a/test/cypress/e2e/pageobjects/app-frontend.js +++ b/test/cypress/e2e/pageobjects/app-frontend.js @@ -75,7 +75,7 @@ export default class AppFrontend { newMiddleName: '#newMiddleName', newMiddleNameDescription: '#description-newMiddleName', oldFullName: '#changeNameFrom', - newFullName: '#changeNameTo', + newFullName: '#changeNameTo_æøå', confirmChangeName: '#confirmChangeName', reasons: '#reason', reference: '#reference',