mirror of
https://github.com/nodejs/node.git
synced 2024-11-28 14:33:11 +01:00
c9aec2b716
stringifyPrimitive has always failed to stringify numbers since its
introduction in 422d3c9
. This went uncaught due to encodeURIComponent's
string coercion.
Fixes: https://github.com/iojs/io.js/issues/1208
PR-URL: https://github.com/iojs/io.js/pull/1213
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Brian White <mscdex@mscdex.net>
264 lines
6.2 KiB
JavaScript
264 lines
6.2 KiB
JavaScript
// Query String Utilities
|
|
|
|
'use strict';
|
|
|
|
const QueryString = exports;
|
|
|
|
|
|
function charCode(c) {
|
|
return c.charCodeAt(0);
|
|
}
|
|
|
|
|
|
// a safe fast alternative to decodeURIComponent
|
|
QueryString.unescapeBuffer = function(s, decodeSpaces) {
|
|
var out = new Buffer(s.length);
|
|
var state = 'CHAR'; // states: CHAR, HEX0, HEX1
|
|
var n, m, hexchar;
|
|
|
|
for (var inIndex = 0, outIndex = 0; inIndex <= s.length; inIndex++) {
|
|
var c = s.charCodeAt(inIndex);
|
|
switch (state) {
|
|
case 'CHAR':
|
|
switch (c) {
|
|
case charCode('%'):
|
|
n = 0;
|
|
m = 0;
|
|
state = 'HEX0';
|
|
break;
|
|
case charCode('+'):
|
|
if (decodeSpaces) c = charCode(' ');
|
|
// pass thru
|
|
default:
|
|
out[outIndex++] = c;
|
|
break;
|
|
}
|
|
break;
|
|
|
|
case 'HEX0':
|
|
state = 'HEX1';
|
|
hexchar = c;
|
|
if (charCode('0') <= c && c <= charCode('9')) {
|
|
n = c - charCode('0');
|
|
} else if (charCode('a') <= c && c <= charCode('f')) {
|
|
n = c - charCode('a') + 10;
|
|
} else if (charCode('A') <= c && c <= charCode('F')) {
|
|
n = c - charCode('A') + 10;
|
|
} else {
|
|
out[outIndex++] = charCode('%');
|
|
out[outIndex++] = c;
|
|
state = 'CHAR';
|
|
break;
|
|
}
|
|
break;
|
|
|
|
case 'HEX1':
|
|
state = 'CHAR';
|
|
if (charCode('0') <= c && c <= charCode('9')) {
|
|
m = c - charCode('0');
|
|
} else if (charCode('a') <= c && c <= charCode('f')) {
|
|
m = c - charCode('a') + 10;
|
|
} else if (charCode('A') <= c && c <= charCode('F')) {
|
|
m = c - charCode('A') + 10;
|
|
} else {
|
|
out[outIndex++] = charCode('%');
|
|
out[outIndex++] = hexchar;
|
|
out[outIndex++] = c;
|
|
break;
|
|
}
|
|
out[outIndex++] = 16 * n + m;
|
|
break;
|
|
}
|
|
}
|
|
|
|
// TODO support returning arbitrary buffers.
|
|
|
|
return out.slice(0, outIndex - 1);
|
|
};
|
|
|
|
|
|
QueryString.unescape = function(s, decodeSpaces) {
|
|
try {
|
|
return decodeURIComponent(s);
|
|
} catch (e) {
|
|
return QueryString.unescapeBuffer(s, decodeSpaces).toString();
|
|
}
|
|
};
|
|
|
|
|
|
var hexTable = new Array(256);
|
|
for (var i = 0; i < 256; ++i)
|
|
hexTable[i] = '%' + ((i < 16 ? '0' : '') + i.toString(16)).toUpperCase();
|
|
QueryString.escape = function(str) {
|
|
// replaces encodeURIComponent
|
|
// http://www.ecma-international.org/ecma-262/5.1/#sec-15.1.3.4
|
|
str = '' + str;
|
|
var len = str.length;
|
|
var out = '';
|
|
var i, c;
|
|
|
|
if (len === 0)
|
|
return str;
|
|
|
|
for (i = 0; i < len; ++i) {
|
|
c = str.charCodeAt(i);
|
|
|
|
// These characters do not need escaping (in order):
|
|
// ! - . _ ~
|
|
// ' ( ) *
|
|
// digits
|
|
// alpha (uppercase)
|
|
// alpha (lowercase)
|
|
if (c === 0x21 || c === 0x2D || c === 0x2E || c === 0x5F || c === 0x7E ||
|
|
(c >= 0x27 && c <= 0x2A) ||
|
|
(c >= 0x30 && c <= 0x39) ||
|
|
(c >= 0x41 && c <= 0x5A) ||
|
|
(c >= 0x61 && c <= 0x7A)) {
|
|
out += str[i];
|
|
continue;
|
|
}
|
|
|
|
// Other ASCII characters
|
|
if (c < 0x80) {
|
|
out += hexTable[c];
|
|
continue;
|
|
}
|
|
|
|
// Multi-byte characters ...
|
|
if (c < 0x800) {
|
|
out += hexTable[0xC0 | (c >> 6)] + hexTable[0x80 | (c & 0x3F)];
|
|
continue;
|
|
}
|
|
if (c < 0xD800 || c >= 0xE000) {
|
|
out += hexTable[0xE0 | (c >> 12)] +
|
|
hexTable[0x80 | ((c >> 6) & 0x3F)] +
|
|
hexTable[0x80 | (c & 0x3F)];
|
|
continue;
|
|
}
|
|
// Surrogate pair
|
|
++i;
|
|
c = 0x10000 + (((c & 0x3FF) << 10) | (str.charCodeAt(i) & 0x3FF));
|
|
out += hexTable[0xF0 | (c >> 18)] +
|
|
hexTable[0x80 | ((c >> 12) & 0x3F)] +
|
|
hexTable[0x80 | ((c >> 6) & 0x3F)] +
|
|
hexTable[0x80 | (c & 0x3F)];
|
|
}
|
|
return out;
|
|
};
|
|
|
|
var stringifyPrimitive = function(v) {
|
|
if (typeof v === 'string')
|
|
return v;
|
|
if (typeof v === 'number' && isFinite(v))
|
|
return '' + v;
|
|
if (typeof v === 'boolean')
|
|
return v ? 'true' : 'false';
|
|
return '';
|
|
};
|
|
|
|
|
|
QueryString.stringify = QueryString.encode = function(obj, sep, eq, options) {
|
|
sep = sep || '&';
|
|
eq = eq || '=';
|
|
|
|
var encode = QueryString.escape;
|
|
if (options && typeof options.encodeURIComponent === 'function') {
|
|
encode = options.encodeURIComponent;
|
|
}
|
|
|
|
if (obj !== null && typeof obj === 'object') {
|
|
var keys = Object.keys(obj);
|
|
var len = keys.length;
|
|
var flast = len - 1;
|
|
var fields = '';
|
|
for (var i = 0; i < len; ++i) {
|
|
var k = keys[i];
|
|
var v = obj[k];
|
|
var ks = encode(stringifyPrimitive(k)) + eq;
|
|
|
|
if (Array.isArray(v)) {
|
|
var vlen = v.length;
|
|
var vlast = vlen - 1;
|
|
for (var j = 0; j < vlen; ++j) {
|
|
fields += ks + encode(stringifyPrimitive(v[j]));
|
|
if (j < vlast)
|
|
fields += sep;
|
|
}
|
|
if (vlen && i < flast)
|
|
fields += sep;
|
|
} else {
|
|
fields += ks + encode(stringifyPrimitive(v));
|
|
if (i < flast)
|
|
fields += sep;
|
|
}
|
|
}
|
|
return fields;
|
|
}
|
|
return '';
|
|
};
|
|
|
|
// Parse a key=val string.
|
|
QueryString.parse = QueryString.decode = function(qs, sep, eq, options) {
|
|
sep = sep || '&';
|
|
eq = eq || '=';
|
|
var obj = {};
|
|
|
|
if (typeof qs !== 'string' || qs.length === 0) {
|
|
return obj;
|
|
}
|
|
|
|
var regexp = /\+/g;
|
|
qs = qs.split(sep);
|
|
|
|
var maxKeys = 1000;
|
|
if (options && typeof options.maxKeys === 'number') {
|
|
maxKeys = options.maxKeys;
|
|
}
|
|
|
|
var len = qs.length;
|
|
// maxKeys <= 0 means that we should not limit keys count
|
|
if (maxKeys > 0 && len > maxKeys) {
|
|
len = maxKeys;
|
|
}
|
|
|
|
var decode = QueryString.unescape;
|
|
if (options && typeof options.decodeURIComponent === 'function') {
|
|
decode = options.decodeURIComponent;
|
|
}
|
|
|
|
var keys = [];
|
|
for (var i = 0; i < len; ++i) {
|
|
var x = qs[i].replace(regexp, '%20'),
|
|
idx = x.indexOf(eq),
|
|
k, v;
|
|
|
|
if (idx >= 0) {
|
|
k = decodeStr(x.substring(0, idx), decode);
|
|
v = decodeStr(x.substring(idx + 1), decode);
|
|
} else {
|
|
k = decodeStr(x, decode);
|
|
v = '';
|
|
}
|
|
|
|
if (keys.indexOf(k) === -1) {
|
|
obj[k] = v;
|
|
keys.push(k);
|
|
} else if (Array.isArray(obj[k])) {
|
|
obj[k].push(v);
|
|
} else {
|
|
obj[k] = [obj[k], v];
|
|
}
|
|
}
|
|
|
|
return obj;
|
|
};
|
|
|
|
|
|
function decodeStr(s, decoder) {
|
|
try {
|
|
return decoder(s);
|
|
} catch (e) {
|
|
return QueryString.unescape(s, true);
|
|
}
|
|
}
|