Thanks to both of you for reviews. I added a flag in 1585157 that controls how it handles ' ' in both paths.
I also renamed the little stack method since this is the only caller. On Fri, Apr 4, 2014 at 8:13 AM, Yann Ylavic <[email protected]> wrote: > On Fri, Apr 4, 2014 at 1:15 PM, Eric Covener <[email protected]> wrote: >> However this is another part of the escaping here that is wrong half the >> time. It you're not substituting into the query string, we want c2x. > > Agreed, POST vars spaces (application/x-www-form-urlencoded) for > example should be %20-encoded (although it's not always observed). > IMHO, '+' vs %20 deserves its own escape_uri() arg. -- Eric Covener [email protected]
