On Thu, 23 Mar 2000, John McNally wrote:
> My limited investigation lead me to believe that only % needs encoding on
> the server side. Does anyone agree with this or is the problem more
> difficult?
It is more difficult. Essentially, the characters that MUST be encoded
are those which have a special meaning in unencoded form. These include
";", "/", "?", ":", "@", "&", "=", "#" and "%". Other characters that
should be encoded are " ", "<", ">", """ (double quote) and possibly also
"{", "}", "|", "\", "^", "~", "[", "]" and "`". All nonprintable control
characters must also be encoded, of course.
The first nine characters are the problematic ones, though, since while
the others can be encoded unconditionally, these must _not_ be encoded
if they are used as metacharacters, for example to delimit query string
parameters or path elements, and _must_ be encoded otherwise.
The authoritative reference on this is RFC 1738, specifically section 2.2
and the BNF definitions in section 5. Be careful in reading it, though,
since some of the terms used are defined in ways that are subtly different
from the common usage.
--
Ilmari Karonen
http://www.sci.fi/~iltzu/
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
