https://issues.apache.org/jira/browse/WICKET-1627
I like the core developers to review this bug. Bugs 1627, 1624 and 1580 are closely related to the improper /inconsistent encoding/decoding/escaping of URLs and HTML output. First, items in a URL's path need to be encoded differently than those in a query string. This is namely because of the way '+' is used to encode spaces. '+' is not decoded back to space when part of a path. Thus all those mount strategies that use the path were doing improper encoding. You wouldn't have seen this if you never had a param with a space in it. Other errors I found were URL decoding the servlet path (a) with the query-encoding logic and (b) it shouldn't be done to begin with since the container takes care of this. Also, the output of form hidden fields was wrong because it failed to decode the URL and then escape the result. Failure to decode the URL result in a double encoding (because the browser would encode it again). This caused BUG 1580. I create a WicketURLDecoder and WicketURLEncoder class with static instances - one for PATH components and one for QUERY components. One change that I introduced was that : is no longer encoded. As far as I can tell, they don't need to be, either in the query string or the path. Wicket was doing this inconsistently anyhow (see Jira for details). I adjusted 20+ test case expected results to adjust for this. I suspect that many of these issues were introduced when bookmarkable pages were added to the code base (just a guess). Since I'm still new to the code base, I'd like the core developer to comment on this. I've spent most of the week on this - I had to fix all of this to enable a search form I'm building work where the search term appears in the path. There are a couple other outstanding issues I need to probe into that are similar (for example, posting via GET to a bookmarkable page doesn't always work because the post-params get overridden by the ones encoded into the action URL). Thanks, -Doug -- View this message in context: http://www.nabble.com/Patch-submitted-for-1627%2C-1624-and-1580-tp17284232p17284232.html Sent from the Wicket - Dev mailing list archive at Nabble.com.
