Magento2: REST API unable to make requests with slash (/) in SKU

Created on 20 Feb 2017  路  11Comments  路  Source: magento/magento2

Inside the REST API, it is impossible to access a resource that requires an SKU if the SKU contains a forward slash.

Preconditions

  1. Tested in CE 2.1.2 and CE 2.1.3. No indication of fix in 2.1.4 release notes

Steps to reproduce

  1. Fresh install
  2. Create product (of any type) with SKU containing /, e.g. "CLE-056621/6"
  3. Make REST request with encoded SKU (as Swagger does) e.g. "V1/products/CLE-056621%2F6", "/V1/products/CLE-056621%2F6/media"

Expected result

  1. Should be possible to make a request with encoded SKU, or by product ID

Actual result

  1. A request with a slash ("CLE-056621/6") returns "Not found" 404
  2. A request with encoded SKU ("CLE-056621%2F6") returns
    { "message": "Requested product doesn't exist" }
FrameworWebapi Fixed in 2.2.x Confirmed Format is valid Ready for Work Reproduced on 2.1.x Reproduced on 2.2.x Reproduced on 2.3.x bug report
Source
picture mplccp

Most helpful comment

Working on this.

picture RomaKis on 15 Dec 2017
👍2

All 11 comments

Thanks for reporting - internal issue number is MAGETWO-60899.

misha-kotov picture misha-kotov on 22 Feb 2017

It appears that this is an issue with Apache rather than Magento. You might have noticed that the 404 response codes are Apache generated instead of the usual Magento 404 pages. This is because, by default, forward slashes cannot be encoded in URLs without getting rejected. Add the option "AllowEncodedSlashes On" in either your global or virtual host config (or maybe in the Magento .htaccess, though this could be a security risk for users who would never make requests with encoded forward slashes).

This worked for me. Good luck.

AirmanAJK picture AirmanAJK on 6 Mar 2017

@mplccp, thank you for your report.
We've created internal ticket(s) MAGETWO-60899 to track progress on the issue.

magento-engcom-team picture magento-engcom-team on 3 Oct 2017

@AirmanAJK can you share your .htaccess or apache config? I'm trying to set AllowEncodedSlashes On, but this results in a 500 server error.

Tjitse-E picture Tjitse-E on 26 Oct 2017

For those who can't wait to fix it I suggest temporary solution here:
https://magento.stackexchange.com/questions/142056/how-to-get-magento2-product-with-rest-if-sku-has-slash/201892#201892

agata-maksymiuk picture agata-maksymiuk on 17 Nov 2017

It seems to be resolved somehow or version 2.1.9 is not affected. I've been able to successfully create and update a product with slashes in the sku. Encode the slash using '%2f'

For the update I used the following example API call:

PUT: /rest/all/V1/products/article%2fwith%2fslash%2fin%2fsku
JSON: {
"product": {
"status": 1,
"type_id": "simple",
"name": "Test article is updated..."
}
}

keijsers picture keijsers on 11 Dec 2017

Working on this.

RomaKis picture RomaKis on 15 Dec 2017
👍2

Hi @mplccp
The issue has been fixed and delivered in 2.2-develop branch. Will be available with upcoming patch release.

okorshenko picture okorshenko on 18 Dec 2017
👍1

Has their been progress on this as still getting this issue in 2.2.3

stephenbori picture stephenbori on 2 Feb 2020

We are still experiencing this issue in 2.3.3.

JaredAllen1 picture JaredAllen1 on 13 Feb 2020

@stephenbori @JaredAllen1
Are you using Apache? If yes - did you tried to to set following option in virtualhost?

AllowEncodedSlashes NoDecode

Ref: https://github.com/magento/magento2/issues/13343#issuecomment-362783825

ihor-sviziev picture ihor-sviziev on 20 Feb 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

BenSpace48 picture BenSpace48  路  3Comments
phirunson picture phirunson  路  3Comments
algostore picture algostore  路  3Comments
andreaskoch picture andreaskoch  路  3Comments
ostmond picture ostmond  路  3Comments