| Subject: | Improper escaping (patch) |
The query string that is sent to USPS is not being properly escaped.
I noticed this problem when I tried to standardize an address with a #
sign in it.
Below is a patch that uses URI to handle the escaping.
Thanks,
Jay
--- AddressStandardization.pm 2006-09-26 14:21:40.000000000 -0700
+++ AddressStandardization.pm.new 2006-11-01 11:47:27.000000000 -0800
@@ -7,6 +7,8 @@
use subs qw();
use vars qw($VERSION);
+use URI;
+
$VERSION = '0.10_02';
=head1 NAME
@@ -104,10 +106,10 @@
my $user = $self->userid;
my $pass = $self->password;
-
+
+ # build the XML string
my $xml =
- qq|API=| . $self->_api_name .
-
qq|&XML=<AddressValidateRequest%20USERID="$user"%20PASSWORD="$pass">| .
+ qq|<AddressValidateRequest USERID="$user"
PASSWORD="$pass">| .
qq|<Address ID="0">|;
foreach my $field ( $self->_fields )
@@ -117,7 +119,15 @@
$xml .= qq|</Address></AddressValidateRequest>|;
- $self->{query_string} = $xml;
+ # use the URI module to do the escaping
+ my $uri = new URI->new();
+ $uri->query_form(
+ API => $self->_api_name,
+ XML => $xml,
+ );
+
+
+ $self->{query_string} = $uri->query();
}
sub _parse_response