This is a good example of what is a good use for the uri filter in a
typical application.
[% read_url = 'http://localhost/?cmd=read&id=1&redirect=somwhere_else %]
<a
href="http://localhost/?cmd=update&id=1&updated_key=updated_value&redirect=[%
read_url | uri %]">Updated and read</a>
If uri doesn't correctly escape ALL parts, the redirect value in the
last anchor is ambigous, and you would get two values for redirect,
which is obviously wrong. That is why I in old versions of TT with the
old behaviour had to make a custom callback that call URI::Escape
instead, because the uri filter was broken.
<a
href="http://localhost/?cmd=update&id=1&updated_key=updated_value&redirect=[%
uri_escape(read_url) %]">Updated and read</a>
So my vote is for letting it stay fixed. The old implementation was
obviously wrong. If your intention was to ONLY escape the query string
of an URI, and not the entire string, you could very well make a custom
filter for it that does exactly that, namely escapes the values of each
query string argument.
-- Robin
Mihai Bazon wrote:
You're right (except for the "problem understanding" part :p). I just
noticed that I was careless enough not to run my URL-s through any
filters, so if I have a page whose URL part contains a slash,
everything breaks.
If, however, I apply a complete filter, then it messes up all slashes,
which is also not good (i.e. I use urls like
/articles/chapter-title/section-title -- each of this 3 parts defines
one page in the DB).
Indeed the Right Solution is to run a filter for each URL part.. but
this will go so deep in my Perl code that I'll rather use URI::Encode.
So... I still think the uri filter should keep its old behavior.
-M.
Randal L. Schwartz wrote:
"Mihai" == Mihai Bazon <[EMAIL PROTECTED]> writes:
If we want a uri escape that is that aggressive, can it be put under a
different name, and the existing uri be modded back to allow : and /
characters through untouched...
Mihai> $votes++
You clearly don't understand the problem then, or what uri-escaping
is about.
This isn't about "voting". This is about *doing the right thing*.
You *cannot* uri-escape a string that already has a path to it.
You can only uri-escape the path steps.
_______________________________________________
templates mailing list
[email protected]
http://lists.template-toolkit.org/mailman/listinfo/templates
_______________________________________________
templates mailing list
[email protected]
http://lists.template-toolkit.org/mailman/listinfo/templates
