I'm a little surprised to find that addPostParam doesn't URI-encode its value. For example, if I try to test a login form with:
request $ do
setUrl LoginR
setMethod "POST"
addPostParam "email" "x@y.z"
addPostParam "password" "6TW0#B+3/N"It comes through to the handler as:
POST /auth/login
Params: [("password","6TW0#B 3/N"),("email","x@y.z")]
(Note the + converted to a space.) Even worse, if the value contains &, such as in "G&&E>Q$1MU" – I'm getting:
POST /auth/login
Params: [("password","G"),("",""),("E>Q$1MU",""),("email","x@y.z")]
Should we apply URI-encoding to the key-value pairs when constructing the request body? Or at least maybe the haddock for addPostParam should state that the key-value are required to be URI-safe already?
Thanks!
I'm a little surprised to find that
addPostParamdoesn't URI-encode its value. For example, if I try to test a login form with:It comes through to the handler as:
(Note the
+converted to a space.) Even worse, if the value contains&, such as in"G&&E>Q$1MU"– I'm getting:Should we apply URI-encoding to the key-value pairs when constructing the request body? Or at least maybe the haddock for
addPostParamshould state that the key-value are required to be URI-safe already?Thanks!