Page MenuHomePhabricator
Create Task
Maniphest T45600

query string's ending semicolon can appear to be the last field's value
Closed, ResolvedPublic
Actions

Description

If the last key's value in the query string is empty, then the trailing semicolon appears to be its value. For example,

mw.eventLog.schemas.GettingStarted.defaults = {};
mw.eventLog.logEvent( 'GettingStarted', {anon: false, action: "x", token: ""} );

validates OK but logs as /event.gif?_db=my_wiki&_id=GettingStarted&_rv=4910146&_ok=true&anon=false&action=x&token=;

and DevServer.php interprets this final parameter as { token: ";" }. The server log2json.py code strips the semicolon (using parse_qsl(q.strip('?;')) ) so that endpoint doesn't experience this bug.

One fix might be to always pad the query string with &;, in logEvent()

beacon.src = baseUri + '?' + queryString + '&;';

This bug will go away when and if we encode a JSON structure in the query string, as its key values are delimited by JSON punctuation.

Version: unspecified
Severity: minor

Details

Reference
bz43600

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 1:18 AM
bzimport added a project: MediaWiki-extensions-EventLogging.
bzimport set Reference to bz43600.
Spage created this task.Jan 3 2013, 12:19 AM
ori added a comment.Jan 10 2013, 11:20 AM

Gerrit change 42220.

Aklapper added a comment.Feb 26 2014, 12:55 PM

[moving from MediaWiki extensions to Analytics product - see bug 61946]

Luke081515 removed a subscriber: wikibugs-l-list.Jan 28 2016, 6:08 PM
Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptJan 28 2016, 6:08 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL