Fix unsafe URLs being passed around causing URL encoding

issues and 404 not found when making requests to the server.

puppetboard/app.py

@@ -4,9 +4,9 @@ from __future__ import absolute_import
 import logging
 import collections
 try:
-    from urllib import unquote
+    from urllib import unquote, unquote_plus, quote_plus
 except ImportError:
-    from urllib.parse import unquote
+    from urllib.parse import unquote, unquote_plus, quote_plus
 from datetime import datetime, timedelta
 from itertools import tee
 
@@ -626,10 +626,15 @@ def fact(env, fact, value):
     if fact in graph_facts and not value:
         render_graph = True
 
+    value_safe = value
+    if value is not None:
+        value_safe = unquote_plus(value)
+
     return render_template(
         'fact.html',
         fact=fact,
         value=value,
+        value_safe=value_safe,
         render_graph=render_graph,
         envs=envs,
         current_env=env)
@@ -641,6 +646,8 @@ def fact(env, fact, value):
 @app.route('/<env>/fact/<fact>/json', defaults={'node': None, 'value': None})
 @app.route('/fact/<fact>/<value>/json',
            defaults={'env': app.config['DEFAULT_ENVIRONMENT'], 'node': None})
+@app.route('/fact/<fact>/<path:value>/json',
+           defaults={'env': app.config['DEFAULT_ENVIRONMENT'], 'node': None})
 @app.route('/<env>/fact/<fact>/<value>/json', defaults={'node': None})
 @app.route('/node/<node>/facts/json',
            defaults={'env': app.config['DEFAULT_ENVIRONMENT'],
@@ -680,10 +687,17 @@ def fact_ajax(env, node, fact, value):
         query = None
 
     # Generator needs to be converted (graph / total)
+    try:
+        value = int(value)
+    except ValueError:
+        if value is not None:
+            query.add(EqualsOperator('value', unquote_plus(value)))
+    except TypeError:
+        pass
+
     facts = [f for f in get_or_abort(
         puppetdb.facts,
         name=fact,
-        value=value,
         query=query)]
 
     total = len(facts)
@@ -704,9 +718,13 @@ def fact_ajax(env, node, fact, value):
                 url_for('node', env=env, node_name=fact_h.node),
                 fact_h.node))
         if not value:
+            fact_value = fact_h.value
+            if isinstance(fact_value, unicode) or isinstance(fact_value, str):
+                fact_value = quote_plus(fact_h.value)
+
             line.append('<a href="{0}">{1}</a>'.format(
                 url_for(
-                    'fact', env=env, fact=fact_h.name, value=fact_h.value),
+                    'fact', env=env, fact=fact_h.name, value=fact_value),
                 fact_h.value))
 
         json['data'].append(line)

puppetboard/templates/fact.html

@@ -31,7 +31,7 @@ table.on('xhr', function(e, settings, json){
 {% if render_graph %}
 <div id="factChart" width="300" height="300"></div>
 {% endif %}
-<h1>{{ fact }}{% if value %}/{{ value }}{% endif %}</h1>
+<h1>{{ fact }}{% if value_safe %} : {{ value_safe }}{% endif %}</h1>
 <table id="facts_table" class='ui fixed very basic compact table stackable'>
   <thead>
     <tr>