Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Filter eq with reserved characters does not seem to need %22 #28

Open
Fritte795 opened this issue Sep 26, 2023 · 2 comments
Open

Filter eq with reserved characters does not seem to need %22 #28

Fritte795 opened this issue Sep 26, 2023 · 2 comments

Comments

@Fritte795
Copy link
Contributor

Fritte795 commented Sep 26, 2023

I stumbled across a weird behavior where I could not use a filter with eq to filter by an IP-Address (e.g. 10.0.0.1).
The generated url for From("Foo").Select("*").Eq("ip", "10.0.0.1").Execute() is /rest/v1/Foo?select=%2A&vpn_ip=eq.%2210.0.0.1%22. As the PostgrestAPI states, when using reserved characters we have to use percent encoded double quotes %22 for correct processing (Source).
This library correctly identifies the reserved characters and does as the documentation states. Unfortunately the result is always empty.
Using the generated URL in a curl request confirms that an empty result is returned.

Interestingly it is possible to perform following curl request and receiving the expected single result:

/rest/v1/Foo?select=%2A&vpn_ip=eq.10.0.0.1

Note the missing " or %22 in the request above.

With some further research I could identify a different behaviour in the official postgrest-js. It appears that not all filters must recognize reserved chars. On first glance it mainly is the in filter.

If you could confirm this @nedpals I could prepare a pull request until next week.

Edit: I would open this issue in the corresponding repository if issues were possible (nedpals/postgrest-go)

@nedpals
Copy link
Owner

nedpals commented Sep 26, 2023

hi! i haven't used supabase for a while now so i won't be able to confirm this behavior on my side (sorry about that)

feel free to send a PR if you think this is a problem that should be fixed.

@whoiscarlo
Copy link
Contributor

whoiscarlo commented Oct 25, 2023

@Fritte795

Found the issue exist in this file on function SanitizeParam. It originates from this file on line 208:

Correction The issue actually lies here on line 134 :

query, err := url.QueryUnescape(b.params.Encode())

I had a simple filter searching from rows where the email column equals a string and the returns back the column id

b.params.Encode() will return this email=eq.%test%gmail.com%22 on it's own, but after using url.QueryUnescape the new string is email=eq."[email protected]". The quotation marks (") around [email protected] cause the filter to fail. I'm not sure why the quotations are added but when they are removed the filter works as expected.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants