httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: # in file names...
Date Wed, 04 Oct 1995 08:54:25 GMT
> 
> > Maybe so, however, I see no reason to leave these characters unescaped. It
> > only improves the system ever so slightly, and may break later when Apache
> > supports new semantics.
> 
> Which is exactly why I think that unescape_uri should be quite specific
> to http paths. Any other behaviour is pretty much guaranteed to be wrong
> for other semantics; it's hopeless to try and second guess future
> developments.
> 
> I missed off / from the list of acceptable characters, BTW.
> Remove & from the list if you like; but don't document this routine as
> somehow being a 'general URI encoding routine'.

OK, I've read the RFC a bit more carefully (blush). I see where you got your
list from, and I agree with the list, or at least this version of it:

A-Za-z0-9$-_.+!*'(),:@&=

However, we should either escape : or put ./ on the front (one less character).
I would suggest that the routine should be called escape_rfc1808_segment, which
makes it pretty clear what it is doing (at least to anyone with RFC1808 to
hand). If everyone (who cares) is happy with this, I'll redo the patch, again.
Note that the routine _will_ escape /, to escape a path with directories
in, each segment will have to be individually escaped (I suggest this method
for better OS independence. / cannot appear in a filename under Unix, but it
certainly can on a Mac, and probably also on Win95). This will not be a problem
with the current use of the routine.

>  David.

Cheers,

Ben.

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant        Fax:   +44 (181) 994 6472
and Technical Director      Email: ben@algroup.co.uk
A.L. Digital Ltd,
London, England.

Mime
View raw message