Received: by taz.hyperreal.com (8.8.3/V2.0) id PAA21809;
 Sun, 1 Dec 1996 15:29:23 -0800 (PST)
Received: from eat.organic.com by taz.hyperreal.com (8.8.3/V2.0) with ESMTP id
 PAA21802; Sun, 1 Dec 1996 15:29:20 -0800 (PST)
Received: from localhost (brian@localhost) by eat.organic.com (8.8.3/8.6.12)
 with SMTP id PAA06220; Sun, 1 Dec 1996 15:29:54 -0800 (PST)
Date: Sun, 1 Dec 1996 15:29:54 -0800 (PST)
From: Brian Behlendorf <brian@organic.com>
To: ben@algroup.co.uk, new-httpd@hyperreal.com
Subject: Re: escape_uri bug fix never applied
In-Reply-To: <9612012213.aa06469@gonzo.ben.algroup.co.uk>
Message-ID: <Pine.GSO.3.95.961201152838.3008S-100000@eat.organic.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: new-httpd-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

On Sun, 1 Dec 1996, Ben Laurie wrote:
> Brian Behlendorf wrote:
> > 
> > Huh?  Escaping to make something safe to the OS command line and escaping to
> > make safe for URL embedding seem like two separate actions, which may have the
> > same algorithm or may not.  Why collapse them?  
> 
> Errr ... escape_shell_cmd() is the one that does command lines. And it has a
> completely different algorithm.
> 
> os_escape_path() was originally written as a replacement for escape_uri(). It
> wasn't used globally in the first place, because it lacked the "partial"
> argument. I fixed that a long time ago, but didn't follow up with escape_uri()
> removal.

Ah, okay.  +1 to Roy's most recent patch then.  

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  www.apache.org  hyperreal.com  http://www.organic.com/JOBS