Forum: Ruby on Rails Mechanize and file_column

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Alex Y. (Guest)
on 2006-05-03 21:00
(Received via mailing list)
Hi all,

Has anyone successfully used WWW::Mechanize with file_column?  I'm
trying to upload a bunch of images to a custom controller, and
something's going wrong with the parameter names.

Using a noddy controller :create action that looks like this:

   def create
     render :text => params.inspect
   end

I get this result from a manual upload from a form:

{"commit"=>"Create", "snapshot"=>{"screenshot"=>#<File:/tmp/CGI8585.3>,
"screenshot_temp"=>"", "processes"=>"foo bar"}, "action"=>"create",
"controller"=>"snapshots"}

(model name is Snapshot which has a file_column :screenshot, controller
is :snapshots)

But I get this result from Mechanize:

{"snapshot%5Bscreenshot%5D"=>#<File:/tmp/CGI8585.4>, "action"=>"create",
"controller"=>"snapshots", "snapshot%5Bprocesses%5D"=>"",
"snapshot%5Bscreenshot_temp%5D"=>""}

It looks to my untutored eye like the query keys are getting
double-quoted on upload.  Anyone else seen this, or anything like it?
The code driving mechanize looks like this:

   img = @form.file_uploads.find{|f| f.name == 'snapshot[screenshot]'}
   img_name = time + '.png'
   img.file_data = File.read(File.join(dirname, img_name))
   img.file_name = img_name
   img.mime_type = 'image/png'
   @form.fields.find{|f| f.name == 'snapshot[processes]'}.value = ''
   response = @agent.submit(@form)
   puts response.body

@form is found from @agent.get(blah).forms.first, @agent is a
WWW::Mechanize.new.

I'm stumped - I can't see anything that looks wrong here.
Alex Y. (Guest)
on 2006-05-03 21:08
(Received via mailing list)
Alex Y. wrote:
> Hi all,
<snip>
> I get this result from a manual upload from a form:
>
> {"commit"=>"Create", "snapshot"=>{"screenshot"=>#<File:/tmp/CGI8585.3>,
> "screenshot_temp"=>"", "processes"=>"foo bar"}, "action"=>"create",
> "controller"=>"snapshots"}
>
<snip>
>
> But I get this result from Mechanize:
>
> {"snapshot%5Bscreenshot%5D"=>#<File:/tmp/CGI8585.4>, "action"=>"create",
> "controller"=>"snapshots", "snapshot%5Bprocesses%5D"=>"",
> "snapshot%5Bscreenshot_temp%5D"=>""}

I'm replying to my own post here, because I've done a little more
investigation.

WWW::Mechanize uses WEBrick's HTTPUtils.escape_form on the uploaded
form, which escapes '[' and ']' via the 'unwise' character collection.

Rails builds its deep params hash by splitting the query key strings on
literal '[' characters, without unquoting, which means that Mechanize's
submission isn't interpreted in the intended way.

Now, which is correct?  Firefox submits with literal '[' characters,
which makes me think that Rails is at least partially correct, but
should it also accept '%5B...%5D'?  Is WWW::Mechanize out of spec here?

Neither would be particularly tricky to patch, and because it's blocking
me I'll probably do it over the next 24 hours either way.  It's just a
question of which is in the wrong and needs correcting.
Alex Y. (Guest)
on 2006-05-03 21:14
(Received via mailing list)
Alex Y. wrote:
<snip>
> I'm replying to my own post here, because I've done a little more
> investigation.
Further details:  PHP doesn't unquote the key values.  That's a fair
amount of evidence pointing to WWW::Mechanize being at fault...
This topic is locked and can not be replied to.