Handling of encoded slashes in paths
Both Symfony and Apache are broken by default:
- Apache needs
AllowEncodedSlashes=NoDecode
, which can't be set in.htaccess
. We either need to document it, or a health check that tests how the server performs (the API needs to know what the public URL is) - Symfony by default decodes "/" for routing, which can be worked around by defining
"requirements" = {"identifier" = ".+"},
- If the route is
/<id>
it's still broken if you pass "/foo%2Fbar/bla", since the id isfoo/bar/bla
instead of failing because the route doesn't exist. - If there is a route
/<id>/bla
then the ID is correctlyfoo/bar
at least.
- If the route is
Resources: