Bug: Request URI mutation when saving

🙋 Help
1

When I make a request to {{url}}/oauth/initiate/facebook?redirect=http://localhost:3000/oauth/callback/facebook&type=login, the & is encoded to &. If I reorder the parameters and put the type parameter first, then the request goes through fine.

I haven’t seen any browsers behave in this manner, and encoding used isn’t ideal, so I’m assuming it’s a bug.

2

Hi @bayssmekanique - what version of the app are you using?

For the latest version of the Chrome app (5.4.0) and the native app (5.5.0), both these URLs give the same JSON response:

https://postman-echo.com/get?redirect=http://localhost:3000/oauth/callback/facebook&type=login
and
https://postman-echo.com/get?redirect=type=login&http://localhost:3000/oauth/callback/facebook

4

After some more investigation, the issue is not on the server end, but in Postman, but it’s not an encoding issue like I had originally thought. The URL is actually being mutated and I’ve finally figured out the magic combination to cause the issue.

If you use a variable for your base route and have a URL as one of your query parameters, and you save the request, it mangles the request prior to sending it. If you use the full base route without using a variable it works fine, and if you don’t save the request it works fine, but once you save the request it starts acting oddly.

Example route: {{url}}/get?type=login&redirect=http://localhost:3000/oauth/callback/google

I’ve set {{url}} to our own test servers, postman-echo, and httpbin and the results are the same on all servers.

Here are the results from the postman-echo server using the example route:

{
    "args": {
        "type": "login",
        "redirect": [
            "http://localhost:3000/oauth/callback/google?type=login",
            "http://localhost:3000/oauth/callback/google"
        ]
    },
    "headers": {
        "host": "postman-echo.com",
        "accept": "*/*",
        "accept-encoding": "gzip, deflate",
        "cookie": "sails.sid=s%3AZYKWOnKjmg1nlK8ZiglV6CmCCkvLOHYg.Y3QSM1t%2BcGACB1g2WeQTbvcy5WSSRMmPWEgC30YatIc",
        "user-agent": "PostmanRuntime/7.1.1",
        "x-forwarded-port": "80",
        "x-forwarded-proto": "http"
    },
    "url": "http://postman-echo.com/get?type=login&redirect=http://localhost:3000/oauth/callback/google?type=login&redirect=http://localhost:3000/oauth/callback/google"
}