hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philippe Mouawad <philippe.moua...@gmail.com>
Subject Re: UrlEncodedFormEntity and parameter value encoding
Date Sat, 24 Sep 2016 08:50:28 GMT
Hi Oleg,
If you look at :
https://bz.apache.org/bugzilla/show_bug.cgi?id=60120
You can see that this encoding can break some applications.

If I read https://en.wikipedia.org/wiki/Percent-encoding#The_
application.2Fx-www-form-urlencoded_type


Which references https://tools.ietf.org/html/rfc1630
I understand @ is safe.

Regards



On Sun, Sep 18, 2016 at 5:04 PM, Oleg Kalnichevski <olegk@apache.org> wrote:

> On Sun, 2016-09-18 at 16:27 +0200, Philippe Mouawad wrote:
> > On Sunday, September 18, 2016, Oleg Kalnichevski <olegk@apache.org>
> wrote:
> >
> > > On Sun, 2016-09-18 at 16:12 +0200, Philippe Mouawad wrote:
> > > > So is it a bug ? or a regular behaviour ?
> > > >
> > >
> > > We back to where we started. Why do you think it should not be encoded?
> >
> > it does not seem to be when using browser.
> > It should if it's in url but I am not sure it is reserved when located in
> > form parameter.
> > I don't fully understand the rfc documentation.
> >
>
> I can be easily wrong here but I am not aware of any RFC that defines
> composition of application/x-www-form-urlencoded content.
>
> As far as I know HttpClient presently emulates the behavior of
> java.net.URLEncoder. It also seems safer to me to rather encode too much
> and to encode too little.
>
> Oleg
>
> > Regards
> >
> > >
> > > Oleg
> > >
> > > > thanks
> > > >
> > > > On Sunday, September 18, 2016, Oleg Kalnichevski <olegk@apache.org
> > > <javascript:;>> wrote:
> > > >
> > > > > On Sun, 2016-09-18 at 15:11 +0200, Philippe Mouawad wrote:
> > > > > > Hi Oleg,
> > > > > > Thanks for rapid answer.
> > > > > > Correct me if I am wrong but:
> > > > > > - URLENCODER is built from an or on UNRESERVED (which contains
> '_',
> > > '-',
> > > > > > '.', '*' and a-z, A-Z, 0-9.
> > > > > >
> > > > > > URLENCODER is passed as safechars in
> > > > > >     private static String urlEncode(
> > > > > >             final String content,
> > > > > >             final Charset charset,
> > > > > >             final BitSet safechars,
> > > > > >             final boolean blankAsPlus)
> > > > > >
> > > > > >
> > > > > > @ is not part of the chars, so you end up in this part of
> algorithms
> > > > > right
> > > > > > ?:
> > > > > >             } else {
> > > > > >                 buf.append("%");
> > > > > >                 final char hex1 =
> > > > > > Character.toUpperCase(Character.forDigit((b >> 4) &
0xF,
> RADIX));
> > > > > >                 final char hex2 =
> > > > > > Character.toUpperCase(Character.forDigit(b & 0xF, RADIX));
> > > > > >                 buf.append(hex1);
> > > > > >                 buf.append(hex2);
> > > > > >             }
> > > > > >
> > > > > > And thus it gets URL encoded no ?
> > > > > >
> > > > >
> > > > > Yes, I was mistaken. Sorry about that.
> > > > >
> > > > > Oleg
> > > > >
> > > > >
> > > > >
> > > > > ------------------------------------------------------------
> ---------
> > > > > To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> > > <javascript:;>
> > > > > <javascript:;>
> > > > > For additional commands, e-mail: httpclient-users-help@hc.
> apache.org
> > > <javascript:;>
> > > > > <javascript:;>
> > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> > > <javascript:;>
> > > For additional commands, e-mail: httpclient-users-help@hc.apache.org
> > > <javascript:;>
> > >
> > >
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>


-- 
Cordialement.
Philippe Mouawad.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message