On 20/06/06, Bennett McElwee <[EMAIL PROTECTED]> wrote:
> <a href="s=1&><t=2">a < & &; > &# </a>
> passes, so perhaps it's not always necessary to encode &.
Yes... I was guilty of inaccurate generalisation. I don't have to heart
I think you were correct - I was just extending what you said.
to delve into the SGML spec again, but from memory, an ampersand
followed by a letter will be interpreted as the beginning of an entity.
If it's not followed by a letter then it can stand as it is.
You're right that JMeter should not generally carry out the decoding.
But when fetching an embedded file (e.g. <img
src="banner.jpg?x=100&y=200">) it should always decode before
fetching, because that's what a user agent would do.
Agreed, and that can be done safely because the context is known. In
fact HtmlParser may (should?) already do this, and the other parsers
need to be checked and fixed as needed.
Maybe the most flexible solution to the original problem would be to add
a built-in decode function that users could call if they know they'll
need it in a RegEx extractor etc.
Yes, but I think we also need to provide a way for the RE
Post-Processor to work on either the raw or decoded response.
Cheerio,
Bennett.
--
Bennett McElwee
-----Original Message-----
From: sebb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 20 June 2006 12:13 pm
To: JMeter Users List
Subject: Re: & in dynamic links
On 19/06/06, Bennett McElwee <[EMAIL PROTECTED]> wrote:
> >> <a href="http://www.example.com/go?s=1&t=2";>Go</a>
> > Are you sure it's not valid?
>
> Quite sure. Any ampersand appearing in a text node or an attribute is
> interpreted as the beginning of an entity reference (e.g. ").
> Therefore if you want an ampersand in text or in an attribute (such as
> an href), you must encode it as & (or the equivalent Unicode
code).
>
Thanks - still learning ...
I'd assumed that the quotes protected the &, but clearly not.
On the other hand, the snippet:
<a href="s=1&><t=2">a < & &; > &# </a>
passes, so perhaps it's not always necessary to encode &.
Given that one might actually want to check the actual response, I
think a solution would be to add an option to the RE Post-Processor to
decode the response data before scanning.
Clearly the HTML parsing routines need to be checked to ensure that
any links etc are decoded before being used.
S.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
This communication, including any attachments, is confidential. If you are not
the intended recipient, you should not read it - please contact me immediately,
destroy it, and do not copy or use any part of this communication or disclose
anything about it. Thank you. Please note that this communication does not
designate an information system for the purposes of the Electronic Transactions
Act 2002.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
