如何允许 OData 端点中的 ' 字符 URL
how to allow ' character in OData endpoint URL
如果实体存在,我有 OData 端点来过滤客户端的名字和姓氏。当用户在名称字符串中使用 ' 字符时会出现问题,这会破坏 OData URI 解析器
我的测试字符串将是
http://localhost.com/Clients?$filter=FirstName eq 'test'20001' and
LastName eq 'test20001'
我的堆栈跟踪
{
"error": {
"code": "",
"message": "The query specified in the URI is not valid. There is an unterminated string literal at position 23 in 'FirstName eq 'test20001'.",
"innererror": {
"message": "There is an unterminated string literal at position 23 in 'FirstName eq 'test20001'.",
"type": "Microsoft.OData.ODataException",
"stacktrace": " at Microsoft.OData.UriParser.ExpressionLexer.NextToken()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseComparison()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseLogicalAnd()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseLogicalOr()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseExpression()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseExpressionText(String expressionText)\r\n at Microsoft.OData.UriParser.ODataQueryOptionParser.ParseFilterImplementation(String filter, ODataUriParserConfiguration configuration, ODataPathInfo odataPathInfo)\r\n at Microsoft.OData.UriParser.ODataQueryOptionParser.ParseFilter()\r\n at System.Web.OData.Query.FilterQueryOption.get_FilterClause()\r\n at System.Web.OData.Query.Validators.FilterQueryValidator.Validate(FilterQueryOption filterQueryOption, ODataValidationSettings settings)\r\n at System.Web.OData.Query.FilterQueryOption.Validate(ODataValidationSettings validationSettings)\r\n at System.Web.OData.Query.Validators.ODataQueryValidator.Validate(ODataQueryOptions options, ODataValidationSettings validationSettings)\r\n at System.Web.OData.Query.ODataQueryOptions.Validate(ODataValidationSettings validationSettings)\r\n at System.Web.OData.EnableQueryAttribute.ValidateQuery(HttpRequestMessage request, ODataQueryOptions queryOptions)\r\n at System.Web.OData.EnableQueryAttribute.ExecuteQuery(Object response, HttpRequestMessage request, HttpActionDescriptor actionDescriptor, ODataQueryContext queryContext)\r\n at System.Web.OData.EnableQueryAttribute.OnActionExecuted(HttpActionExecutedContext actionExecutedContext)"
}
}
}
这是我如何解决的
var filter = '$filter=FirstName eq \'' + escapeString(self.selectedClient().FirstName())
function escapeString(string) {
string = string.replace(/'/g, '\'\'');
string = string.replace(/&/g, '%26');
return string;
}
如果实体存在,我有 OData 端点来过滤客户端的名字和姓氏。当用户在名称字符串中使用 ' 字符时会出现问题,这会破坏 OData URI 解析器 我的测试字符串将是
http://localhost.com/Clients?$filter=FirstName eq 'test'20001' and LastName eq 'test20001'
我的堆栈跟踪
{
"error": {
"code": "",
"message": "The query specified in the URI is not valid. There is an unterminated string literal at position 23 in 'FirstName eq 'test20001'.",
"innererror": {
"message": "There is an unterminated string literal at position 23 in 'FirstName eq 'test20001'.",
"type": "Microsoft.OData.ODataException",
"stacktrace": " at Microsoft.OData.UriParser.ExpressionLexer.NextToken()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseComparison()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseLogicalAnd()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseLogicalOr()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseExpression()\r\n at Microsoft.OData.UriParser.UriQueryExpressionParser.ParseExpressionText(String expressionText)\r\n at Microsoft.OData.UriParser.ODataQueryOptionParser.ParseFilterImplementation(String filter, ODataUriParserConfiguration configuration, ODataPathInfo odataPathInfo)\r\n at Microsoft.OData.UriParser.ODataQueryOptionParser.ParseFilter()\r\n at System.Web.OData.Query.FilterQueryOption.get_FilterClause()\r\n at System.Web.OData.Query.Validators.FilterQueryValidator.Validate(FilterQueryOption filterQueryOption, ODataValidationSettings settings)\r\n at System.Web.OData.Query.FilterQueryOption.Validate(ODataValidationSettings validationSettings)\r\n at System.Web.OData.Query.Validators.ODataQueryValidator.Validate(ODataQueryOptions options, ODataValidationSettings validationSettings)\r\n at System.Web.OData.Query.ODataQueryOptions.Validate(ODataValidationSettings validationSettings)\r\n at System.Web.OData.EnableQueryAttribute.ValidateQuery(HttpRequestMessage request, ODataQueryOptions queryOptions)\r\n at System.Web.OData.EnableQueryAttribute.ExecuteQuery(Object response, HttpRequestMessage request, HttpActionDescriptor actionDescriptor, ODataQueryContext queryContext)\r\n at System.Web.OData.EnableQueryAttribute.OnActionExecuted(HttpActionExecutedContext actionExecutedContext)"
}
}
}
这是我如何解决的
var filter = '$filter=FirstName eq \'' + escapeString(self.selectedClient().FirstName())
function escapeString(string) {
string = string.replace(/'/g, '\'\'');
string = string.replace(/&/g, '%26');
return string;
}