Details
-
Type:
Bug
-
Status: Ready for Work
-
Priority:
Should
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:
-
Complexity:Medium
-
Development:
Description
See and the side discussion leading to https://talk.openmrs.org/t/module-identifiers-in-restws-module/8641/13
Our spring configuration always treats everything after the last dot in a URL as a file extension, which is a problem if you need to do something like this: .../ws/rest/v1/location/Inpatient+Ward+A.2. There may be other situations where we want to allows dots in the final part of a URL.
RESTWS-606 and RESTWS-627 found a way to hackily fix this from the REST module, but we should solve this going forwards in openmrs-core.
See also the section on Suffix Pattern Matching at https://docs.spring.io/spring/docs/current/spring-framework-reference/html/mvc.html which says
suffix pattern matching as well as content negotiation may be used in some circumstances to attempt malicious attacks and there are good reasons to restrict them meaningfully
and also describes that you can change this behavior with useRegisteredSuffixPatternMatch
