[Bug 45694] New: WinHttpOpenRequest: unsafe characters are not escaped

Thu Aug 23 08:19:30 CDT 2018

https://bugs.winehq.org/show_bug.cgi?id=45694

            Bug ID: 45694
           Summary: WinHttpOpenRequest: unsafe characters are not escaped
           Product: Wine
           Version: 3.14
          Hardware: x86
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: winhttp
          Assignee: wine-bugs at winehq.org
          Reporter: ebissonnette at genetec.com
      Distribution: ---

WinHttpOpenRequest does not escape unsafe characters in LPCWSTR object.

An application therefore fails to issue a valid HTTP request when it passes a
path that contains unsafe characters, such as a space, in the query part of the
URL.

For example :
WinHttpOpenRequest(hConnect, NULL, "/search.cgi?word=Some example", NULL, NULL,
NULL, 0);

The resulting HTTP request contains the unsafe character. It should have been
converted to "/search.cgi?word=Some%20example"

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.