[ https://issues.apache.org/jira/browse/WHIMSY-344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sebb resolved WHIMSY-344. ------------------------- Resolution: Fixed Appears to have been fixed > Issues with URI.[un]escape > -------------------------- > > Key: WHIMSY-344 > URL: https://issues.apache.org/jira/browse/WHIMSY-344 > Project: Whimsy > Issue Type: Bug > Reporter: Sebb > Priority: Major > > URI.[un]escape have been deprecated, and need to be replaced in Whimsy code. > The suggested replacements are CGI.[un]escape and > URI.[un]encode_www_form_component > AFAICT these only work correctly for form parameters. > Space is escaped to '\+', and '\+' is unescaped to space. > This is incorrect for the path component, which uses %-encoding only. > Note that the path component allows '+' without encoding. > This clashes with the use of '+' to represent space when encoding form > parameters. > It looks like ERB::Util.url_encode may be OK for encoding path segments. > It encodes more characters than necessary, but at least it only uses > %-encoding. > CGI.unescape will correctly decode a path encoded with ERB::Util.url_encode. > However if a path component was encoded without %-encoding '+', CGI.unescape > will incorrectly decode the '+' to space. > URI.unescape uses URI::RFC2396_Parser under the hood, and that has not been > deprecated. > So a possible replacement is URI::RFC2396_Parser.new.unescape(path) -- This message was sent by Atlassian Jira (v8.20.10#820010)