On Tue, 2007-05-29 at 12:52 +0100, James Rutherford wrote: > Well if we're going to be strict, we should escape the value of the > handle 1234/56 as 1234%2F56. Since DSpace already breaks this rule, I > didn't deem including a colon as such a great crime ;)
Fair point, and you are probably right. But there is strict and there is strict... and it isn't entirely clear that the handle should be treated as a complete unit rather than the separation of prefix and suffix - globally, that's how they need to be referred to, but then we're discussing local urls here ;-) Yes an unescaped slash isn't going to do anything harmful. An unescaped colon in the middle of the url could easily trigger url parsing bugs and security problems. G This email has been scanned by Postini. For more information please visit http://www.postini.com ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
