Long story short
When I make a request, as follows:
import aiohttp
import asyncio
async def main(loop):
async with aiohttp.ClientSession(loop=loop) as session:
url = 'http://localhost:9766/stupid-test/'
params = 'hello=space%40invader'
async with session.get(url, params=params) as response:
print(response)
loop = asyncio.get_event_loop()
loop.run_until_complete(main(loop))
The url params are unescaped to transform the %40 to @. This also occurs when placing the query string directly in the URL.
This is evidenced by the url field of the response object, which now looks like:
<ClientResponse(http://localhost:9766/stupid-test/?hello=space@invader) [200 OK]>
...as well as the UWSGI logs for the receiving server.
This causes problems with a hash-based request signing procedure that my company uses.
We have observed this in aiohttp version 1.3.5, but not version 1.0.2 (unclear exactly where the behavior begins).
It seems to be ultimately boiling down to the use of YARL... not sure to what degree this behavior is non-conformant with specs, but it is not consistent with the behavior of other Python request libs.
from yarl import URL
u = URL('http://www.test.com/?email=smooth%40criminal')
u
URL('http://www.test.com/?email=smooth@criminal')
网友评论