darren chamberlain wrote:
> [EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on
>12/18/2001:
>
>>>Use escape_uri and unescape_uri, or some other pair of reversable
>>>functions. For example, store it as:
>>>
>>Tried this and it appears that Apache::Util escapes the same
>>characters that Apache::Cookie does when it prepares this
>>cookie. Problem is that it wont pull the ampersands back in.
>>I'm assuming the thinking is that Apache::Cookie shoud be able
>>to decode a string it encodes. I'm running an older version of
>>mod_perl (1.24_01), wondering if anybody knows if this issue
>>has been seen before, and if it's been fixed in more recent
>>versions.
>>
>
> URI::Escape::uri_escape allows you to pass a list of "unsafe"
> characters as the optional second argument (although
> Apache::Util::unescape_uri does not; see src/main/util.c in the
> apache source for why). Here is an updated version of my
> previous example (trimmed; the value for $url is the one you gave
> in the original message):
>
> use URI::Escape;
> my $url =
>q|http://www.newsfactor.com/xxxxx.pl?action=reply_form_html&board=nfntalkback&id=3288|;
> my $escaped = uri_escape($url, '\x00-\xff');
>
> Now, $escaped looks like:
>
>
>%68%74%74%70%3A%2F%2F%77%77%77%2E%6E%65%77%73%66%61%63%74%6F%72%2E%63%6F%6D%2F%78%78%78%78%78%2E%70%6C%3F%61%63%74%69%6F%6E%3D%72%65%70%6C%79%5F%66%6F%72%6D%5F%68%74%6D%6C%26%62%6F%61%72%64%3D%6E%66%6E%74%61%6C%6B%62%61%63%6B%26%69%64%3D%33%32%38%38
>
> This should be OK as a cookie value. The value of $escaped is
> easily retrievable with:
>
> my $unescaped = uri_unescape($escaped);
>
> The only problem, such as it may be, is that the version in
> URI::Escape pure perl, and therefore slower than the version in
> Apache::Util.
>
> (darren)
>
>
Yeah I don't wanna have to load up URI::Escape, I'm just doing a s/&/___/g
and doing the inverse after receiving the URL on the other end.
Does anybody know why Apache::Cookie is barfing on the ampersands? I
looked at the RFC yesterday and ampersand is not listed as unsafe.
Btw, thanks for your suggestions darren.
--
--
Daniel Bohling
NewsFactor Network
