Encoding issue when storing a cookie with quotes - ruby-on-rails

I need to create a cookie containing double quotes.
cookies[:mycookie] = '"contentofmycookie"'
But then my cookie actually contains:
%22contentofmycookie%22
I've seen that Rails encodes cookie values; maybe I should avoid this by overriding something but I don't know what. I'm using Rails 3.2.3.
Edit:
I need my cookie to contain double quotes to get it recognized by another application. This other application is not a Rails application and uses a cookie with quotes inside.
Thanks for your help!

You need to unescape your cookie when you extract it.
require 'cgi'
print CGI.unescape cookies[:mycookie]
#=> "contentofmycookie"

Related

htaccess credentials in URL when password contains a hash #

Using Selenium I am accessing protected pages. I need to put the credentials into the URL to prevent the .htaccess popup from appearing. This is the method suggested in Selenium documentation.
One of the locations I need to access has a hash character in the password, and this causes the browser (both Chrome and Firefox) to not understand the URL and treat it as a search term.
e.g. http://user:pass#example.com/ gets through, but http://user:pa#ss#example.com/ is not recognised as a URL.
How can I "encode" the hash?
You should use Percent-encoding to encode the hash with %23.
See also:
How to escape hash character in URL

Rails escape all URLs

In Rails, I'd like to be able to escape all my URLs using link_to across the board. What is the best way to do this?
Currently, the permalinks are stored in UTF-8. e.g. it's stored as: 水-water
I'm running Spree, so I would like to avoid overriding all the template files with CGI.escapes to achieve the same thing.
Other considerations:
Store the Escaped url in the permalinks column? (params encodes it to UTF-8 and then the sequel can't find it because it was stored in the DB as escaped)
Thanks in advance!
Justin
Never mind, link_to already escapes the UTF-8 properly. It was the browser already interpreting it, making me perceive it as unescaped.
Using a raw HTTP viewer such as http://www.rexswain.com/httpview.html helped see that.

What is the proper way to sanitize user input when using a Ruby system call?

I have a Ruby on Rails Application that is using the X virtual framebuffer along with another program to grab images from the web. I have structured my command as shown below:
xvfb-run --server-args=-screen 0 1024x768x24 /my/c++/app #{user_provided_url}
What is the best way to make this call in rails with the maximum amount of safety from user input?
You probably don't need to sanitize this input in rails. If it's a URL and it's in a string format then it already has properly escaped characters to be passed as a URL to a Net::HTTP call. That said, you could write a regular expression to check that the URL looks valid. You could also do the following to make sure that the URL is parse-able:
uri = URI.parse(user_provided_url)
You can then query the object for its relevant parts:
uri.path
uri.host
uri.port
Maybe I'm wrong, but why don't you just make sure that the string given is really a URL (URI::parse), surround it with single quotes and escape any single quote (') character that appears inside?
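An added example, not part of the original question or answers: one way to make the call above so that the URL never passes through a shell, with the URL checked by URI.parse and handed over as a single argv element. The names validated_url, capture_argv, run_capture and UnsafeUrlError, the http/https allow-list and the single-element form of --server-args are assumptions; the sample inputs are constructed.

```ruby
require 'uri'

# Fixed part of the command from the question; each argv element is one string.
# Passing --server-args and its value as a single element is an assumption here.
CAPTURE_PREFIX = ['xvfb-run', '--server-args=-screen 0 1024x768x24', '/my/c++/app'].freeze
ALLOWED_SCHEMES = %w[http https].freeze

class UnsafeUrlError < ArgumentError; end

# Returns the URL unchanged if it is an absolute http(s) URL, else raises.
def validated_url(raw)
  raise UnsafeUrlError, 'not a string' unless raw.is_a?(String)
  # Whitespace and control characters never belong in a URL handed to a tool.
  raise UnsafeUrlError, 'whitespace or control character' if raw.match?(/[[:space:][:cntrl:]]/)
  uri = begin
    URI.parse(raw)
  rescue URI::InvalidURIError
    raise UnsafeUrlError, 'not parseable as a URI'
  end
  raise UnsafeUrlError, 'scheme not allowed' unless ALLOWED_SCHEMES.include?(uri.scheme.to_s.downcase)
  raise UnsafeUrlError, 'missing host' if uri.host.to_s.empty?
  raw
end

# Builds the argument vector; the URL is always exactly one trailing element.
def capture_argv(raw)
  CAPTURE_PREFIX + [validated_url(raw)]
end

# Multi-argument system() executes the program directly, so no shell ever
# parses the URL and characters such as $ ( ) ; ' stay literal data.
def run_capture(raw)
  system(*capture_argv(raw))
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs, not taken from the page.
  ['http://example.com/a?b=1', 'http://example.com/$(id)', 'file:///etc/passwd',
   "http://example.com/\n-x", '--help'].each do |input|
    begin
      puts "#{input.inspect} -> #{capture_argv(input).inspect}"
    rescue UnsafeUrlError => e
      puts "#{input.inspect} rejected: #{e.message}"
    end
  end
end
```

The second sample input parses as a valid URL because $, ( and ) are legal path characters, which is why the argv form matters in addition to the URI.parse check.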

Passing fullstops (periods) and forward slashes in a GET request?

I have built a form that submits values to Wufoo as a GET request in the URL. I cannot get it to work if any of the values (in a textarea) contain a line-break or a forward slash. Is there a way to encode these in a URL?
This is being done in Rails.
I thought Rails would do that for you. But if you need to do it manually, you can use CGI::escape, e.g.
> require 'cgi'
...
> CGI.escape("hello%there\nworld")
=> "hello%25there%0Aworld"
EDIT:
Actually, CGI does not seem to escape a dot. URI can be used instead, it takes an extra parameter that lets you list extra characters you want escaped:
URI.escape("hello.there%world", ".")
http://en.wikipedia.org/wiki/Percent-encoding

Using brackets in cookie names (Rails)

When attempting to write/read cookies that have brackets in the name, it seems like Rails can't handle this. For example:
cookies["example[]"] = "value"
This causes the cookie name to be "example%5B%5D" instead of "example[]". Similarly, if I already have a cookie set with the name "example[]", then it seems like Rails is unable to properly delete it via a call cookies.delete "example[]" since the [ and ] characters are being encoded.
Anyone know how to fix this?
The RFC does not specify what all can be in the name of a cookie. All it says is that the name needs to be text. I guess Rails is encoding the text and hence the brackets are becoming %5B%5D. I think it's best to avoid such characters in cookies.
Looks like this can only be done by hacking the Rails core. Sucks that the Rails developers implemented it this way.
