Disallow invalid literals

[keanu-delgado]

Hey there, here's another spec adherence proposal.

It seems that the parts of the template which are supposed to be copied over (literals) are not allowed to have a character in a specific set of disallowed characters.

This change throws an error during the parse if it finds one of these characters in a literal string.

From https://tools.ietf.org/html/rfc6570#section-2.1 :

     literals      =  %x21 / %x23-24 / %x26 / %x28-3B / %x3D / %x3F-5B
                   /  %x5D / %x5F / %x61-7A / %x7E / ucschar / iprivate
                   /  pct-encoded
                        ; any Unicode character except: CTL, SP,
                        ;  DQUOTE, "'", "%" (aside from pct-encoded),
                        ;  "<", ">", "\", "^", "`", "{", "|", "}"

And later, in the Appendix :

   Scan the template and copy literals to the result string (as in
   Section 3.1) until an expression is indicated by a "{", an error is
   indicated by the presence of a non-literals character other than "{",
   or the template ends.  When it ends, return the result string and its
   current error or non-error state.

[rodneyrehm]

looks good, thank you!

[craxal]

Perhaps this is out of scope (and I'm not a URI templates expert), but I'm encountering OData-related problems with this change. OData queries make heavy use of quotes, but the library is treating quotes as invalid characters in template literals.

Say I have the following template:

http://services.odata.org/Northwind/Northwind.svc/Customers?$filter=substringof('{+str}', CompanyName)

I would expect an expand call to produce:

http://services.odata.org/Northwind/Northwind.svc/Customers?$filter=substringof('Alfreds', CompanyName)

or

http://services.odata.org/Northwind/Northwind.svc/Customers?$filter=substringof%28%27Alfreds%27,%20CompanyName%29%20eq%20true

I can work around this by replacing quotes with their encoded values, but that requires a big code change on my end.

[rodneyrehm]

The (admittedly, not particularly well done) specification seems clear in this case. That said, I have no idea why this rule exists in the first place. I'm open to suggestions. Unless there's a good reason to throw an error, I'd rather have this rule relaxed.

@keanu-delgado what's your opinion?

---

(I'm currently on vacation so response time may vary…)

[keanu-delgado]

Hm, single quotes ' are allowed in uris (from RFC 3986), so I think it would be good to let those slide as literals.

However, the other characters in that set indicate an invalid uri by all standards, so I would prefer to continue error behavior for those.

@craxal Would allowing single quotes fix the issues with OData? From what I can tell, OData does not use any other type of quote or invalid character - so maybe we can just remove that one?

[craxal]

As far as I know, the single quotes were the only issue characters I encountered. All other characters are agreeably invalid.

[rodneyrehm]

allowing ' sounds good to me. @keanu-delgado @craxal is either of you up for a PR?

[rodneyrehm]

@craxal thanks to @keanu-delgado the issue has been resolved as of v1.18.6

[craxal]

Excellent! Thanks for the quick response time.