Stas Bekman wrote:
Good catch!
I was working on the code to implement encoding, and this is wrong to escape '/' it's an absolutely valid string in the query_string.
All we need to escape is <>&, may be "
Correct me if I'm wrong.
you are not wrong but it seems the w3c validator is way behind ... maybe we will run into trouble later i dont know.
sorry, i didn't know - i never use their validator :)
According to the RFC 2396: http://www.faqs.org/rfcs/rfc2396.html uric = reserved | unreserved | escaped reserved = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "+" | "$" | "," unreserved = alphanum | mark mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
escaped = "%" hex hex
hex = digit | "A" | "B" | "C" | "D" | "E" | "F" |
"a" | "b" | "c" | "d" | "e" | "f"so "/" is not a problem.
On the other hand we can use URI::Escape and let it handle the details. The question is whether it's OK if we escape everything like it does:
perl -MURI::Escape -le 'print uri_escape("http://theoryx5.uwinnipeg.ca/cgi-bin/ppmserver?urn:/PPMServer";);'
http%3A%2F%2Ftheoryx5.uwinnipeg.ca%2Fcgi-bin%2Fppmserver%3Furn%3A%2FPPMServer
I don't think this is a good idea.
__________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
