Staging data with \" inside string #5

@emilfolino

Thanks for a very nice web service. During usage I discovered an encoding issue with valid JSON.

When doing a POST or PUT where the data includes a string with an escaped quotation mark, subsequently fetched data is returned as invalid JSON.

Steps to reproduce:

curl -H "Content-Type: application/json" -X POST -d '{"description": "a\"b\"c"}' http://rem-rest-api.herokuapp.com/api/wfacility -b rem_cookies.txt -c rem_cookies.txt
curl -H "Content-Type: application/json" http://rem-rest-api.herokuapp.com/api/wfacility -b rem_cookies.txt

Error message:

{
  "message": "Unexpected end of input",
  "stack": "SyntaxError: Unexpected end of input\n    at Object.parse (native)\n    at /home/efo/dbwebb/rem_org/Type.js:15:44\n    at Array.forEach (native)\n    at /home/efo/dbwebb/rem_org/Type.js:14:25\n    at Array.map (native)\n    at Object.module.exports.decode (/home/efo/dbwebb/rem_org/Type.js:12:17)\n    at getData (/home/efo/dbwebb/rem_org/index.js:126:18)\n    at Server.route (/home/efo/dbwebb/rem_org/index.js:31:12)\n    at emitTwo (events.js:87:13)\n    at Server.emit (events.js:172:7)"
}

I propose a solution where, instead of URL-encoding a CSV of the data, base64 encoding is used directly on the JSON.stringify string of the entire data object. Base64 encoding is recommended in RFC 6265:

To maximize compatibility with user agents, servers that wish to
store arbitrary data in a cookie-value SHOULD encode that data, for
example, using Base64 [RFC4648].

Examples of the stageData and getData functions:

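function getData(cookieString) {
	var cookieData = data // default data, defined outside this function
	if (cookieString) {
		var map = Cookie.parse(cookieString)
		// Only decode when the "data" cookie is actually present
		if (map["data"]) {
			// Buffer.from replaces the deprecated new Buffer() constructor
			cookieData = JSON.parse(Buffer.from(map["data"], 'base64').toString('utf8'))
		}
	}
	// Return a deep copy so callers cannot mutate the source object
	return JSON.parse(JSON.stringify(cookieData))
}
function stageData(db) {
	// base64 of the full JSON string keeps quotes and separators out of the cookie value
	var dataString = Buffer.from(JSON.stringify(db)).toString('base64')
	return "data=" + dataString + " ; Path=/"
}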
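The following is an added example, not part of the original issue or the project's code: it round-trips the `a\"b\"c` payload from the report through a base64 cookie and also handles a truncated or edited cookie, since the value is client-controlled and an uncaught `JSON.parse` error is what produced the stack trace above. The names `encodeState`, `decodeState`, `parseCookieHeader` and `clone` are hypothetical, and `parseCookieHeader` is a stand-in for the project's `Cookie.parse`.

```javascript
// Added example; all function names here are hypothetical, not the project's API.
const COOKIE_NAME = "data";

function clone(obj) { return JSON.parse(JSON.stringify(obj)); }

// Serialize the whole data object as JSON, then base64 it so quotes,
// semicolons and commas in field values never reach the cookie syntax.
function encodeState(db) {
  const b64 = Buffer.from(JSON.stringify(db), "utf8").toString("base64");
  return COOKIE_NAME + "=" + b64 + "; Path=/";
}

// Minimal Cookie header parser (stand-in for the project's Cookie.parse).
// Splits on the first "=" only, so base64 padding stays in the value.
function parseCookieHeader(header) {
  const map = {};
  for (const part of String(header || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq > 0) map[part.slice(0, eq).trim()] = part.slice(eq + 1).trim();
  }
  return map;
}

// The cookie comes from the client: a missing, truncated or edited value
// falls back to the defaults instead of throwing out of JSON.parse.
function decodeState(cookieHeader, defaults) {
  const raw = parseCookieHeader(cookieHeader)[COOKIE_NAME];
  if (!raw || !/^[A-Za-z0-9+/]+={0,2}$/.test(raw)) return clone(defaults);
  try {
    const value = JSON.parse(Buffer.from(raw, "base64").toString("utf8"));
    return value !== null && typeof value === "object" ? value : clone(defaults);
  } catch (err) {
    return clone(defaults);
  }
}

// Constructed sample: the payload from the report above.
const sample = { wfacility: [{ id: 1, description: 'a"b"c' }] };

function roundTrip(db) {
  const header = encodeState(db).split(";")[0]; // what the client sends back
  return decodeState(header, {});
}

console.log(roundTrip(sample).wfacility[0].description); // a"b"c
```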
