4

I would like to know if square brackets ([ and ]) are standard in REST URL parameters.

  1. I have to call a Cloud REST WebService by settings all parameters in the URL. The URL looks like: https://DNS_SERVEUR/api/2/conversation?filters[website]=1234&data=a0123....

    You can see that one parameter's name contains square brackets: filters[website]

  2. Calling the URL directly with Firefox or SOAP-UI does not raise any issue (they do not crash on square brackets).

    However, using Oracle Fusion Middleware 12.2.1.1.0 and dedicated REST adapter, I have an error: square bracket characters are not allowed in parameter name.

So here is my question: Can square bracket characters ([ and ]) be used as standard REST URL parameters? Or is it a limitation in Oracle Fusion Middleware?

I searched on the Internet and did not get any clear answer. The only example (in French) using it is to manipulate associative array in PHP: http://cyberzoide.developpez.com/php4/url/#LII-E. As PHP is very permissive, I do not take it has a reliable reference for standard.

Jordan Running
  • 102,619
  • 17
  • 182
  • 182
ymir
  • 93
  • 1
  • 9
  • There is some example of good and bad URL patterns here : http://www.restapitutorial.com/lessons/restfulresourcenaming.html But nothing about '[' and ']' parameters – ymir Feb 23 '18 at 14:21

2 Answers2

4

RFC 3986 should be the go-to for understanding what is allowed in the query of a URI.

query       = *( pchar / "/" / "?" )
pchar         = unreserved / pct-encoded / sub-delims / ":" / "@"

Hook characters are gen-delims, not sub-delims

gen-delims    = ":" / "/" / "?" / "#" / "[" / "]" / "@"

So they should be encoded when appearing in the query part.

See also https://stackoverflow.com/a/2375597/54734

Community
  • 1
  • 1
VoiceOfUnreason
  • 52,766
  • 5
  • 49
  • 91
  • Thank you, it answer my question. Those caracters are legit as delimiter but it is up to parsing algorithm to decide to use them (or not). At https://tools.ietf.org/html/rfc3986#section-2.2, it says : "These characters are called "reserved" because they may (or may not) be defined as delimiters by the generic syntax, by each scheme-specific syntax, or by the implementation-specific syntax of a URI's dereferencing algorithm". It seems in my case, the algorithm decided to ban those charaters – ymir Feb 26 '18 at 23:13
0

In fact there is to way to manage REST WebService and it influence the characters allowed in URL :

  1. Without any description language, then there no rule to controle your URI exept what HTTP protocole allows. So, refering to VoiceOfUnreason's response, [] characters are allowed but there interpretation is depending to the server application
  2. With a WADL description language (the equivalent of WSDL but for REST). The dedicated RFC (Web Application Description Language) tells parameter's name must respect NMTOKEN schema. And if you look at NMTOKEN definition (xsd:NMTOKEN), it does not allow [].

Yet Oracle Fusion Middleware use WADL with REST, it is natural it does not allow [] characters in REST parameter's name.

ymir
  • 93
  • 1
  • 9