Unable to parse request params if request path is UTF-8 encoded

Sometimes we get URLs like the following:


for the following route

  scope "/auth", MyAppWeb do
    pipe_through :browser

    get "/:provider", AuthController, :request

This should be a valid UTF-8 URL.

The problem is that when the controller function reads this, it puts the whole state in the
params value for provider

%{"provider" => "auth0?state=SFMyNTY.g2gDbQAAAAEvbgYACML2VY0BYgABUYA.k0AfdGrG5hm4Cza7WKxIU_ti05nycjEOftJQi1l-t4I"}

instead of separating them into provider and state.

This is causing some errors with our Ueberauth integration, as it can’t recognize that whole string as a provider.

Is there a configuration I am missing to split the string on %3F instead of ? on the request path? Any other alternative?

You said UTF-8, but I think you meant URI encoding.

This should be a valid UTF-8 URL.

I want to say that this is NOT a valid use of URI encoding. Percent-encoding is explicitly for escaping reserved characters that otherwise have specific meanings in a URI, such as the ? which separates the path from the query string. The only reason to encode it is because you have a ? in the path (ie. a ? that should NOT be interpreted as the path/query_string separator.

I’m not familiar enough with the phoenix plugs at that level of an incoming request, but it seems likely to me that you won’t be able to easily accommodate that incorrectly encoded URL.

The problem here lies with wherever those URLs are coming from, the request needs to be fixed, not your phoenix app.