AQL objects endpoint does not escape encoded ampersand (&) in the query parameter

XMLWordPrintable

    • 12
    • Severity 3 - Minor
    • 9

      Update 1 May 2024

      We're closing this bug as resolved as we now support the requested functionality via the POST object/aql endpoint. This now allows you to pass the & character through the body payload without having issues. Alternatively, you can also use the POST /object/navlist/aql endpoint.

      Please note that the GET AQL objects endpoint has been deprecated.

      Issue Summary

      GET AQL objects endpoint does not escape encoded ampersand (%26) in the query parameter

      Steps to Reproduce

      1. Create an object and add an attribute where its value has the & character 
      2. Try to query this object using the GET AQL objects endpoint

      Expected Results

      The encoded & character (%26) will be correctly escaped and the query will return the object

      Actual Results

      The encoded & character (%26) is not being escaped and it is making the request understand that any value after it will be another query string parameter, which will result in an incorrect search or sometimes breaking the request

            Assignee:
            Unassigned
            Reporter:
            Yuri Moura (Inactive)
            Votes:
            17 Vote for this issue
            Watchers:
            21 Start watching this issue

              Created:
              Updated:
              Resolved: