httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacob Eshed <jacob.es...@exlibris.co.il>
Subject RE: [users@httpd] + in URL
Date Mon, 21 Nov 2005 05:44:52 GMT
Hi Bill,
Thank you very much for your brief and helpful explanation.

Sincerely,
Jacob Eshed



-----Original Message-----
From: William A. Rowe, Jr. [mailto:wrowe@rowe-clan.net] 
Sent: Monday, November 21, 2005 6:35 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] + in URL


Jacob Eshed wrote:
> Hi Bill,
> Thanks for your prompt answer.
> The '&sub_cat=Art + Design' was entered as parameter in Microsoft
> Internet Browser 6. as a url address:
> 
> <_http://server.name:port/V/?func=some_function&mode=category&category
> =Category
> Name&sub_cat=Art + Design&restricted=all_ 
>
<http://server.name:port/V/?func=some_function&mode=category&category=Catego
ry 
> Name&sub_cat=Art + Design&restricted=all>>

So the user, if they TYPED this into the URL bar, actually placed three
spaces in a row.  Any '+' symbols in a query argument (the portion of the
URI following the '?') is clearly defined by the HTTP URI specification to
indicate a space.

(This is historically because spaces are altogether invalid in a URI, in
spite of MS IIS's broken implementation, and because the original query
arguments were assumed to be search keywords of some sort, meaning
"search.cgi?help+http" was expected to be searching the help and the http
keywords, seperated by a space.)

There is no bug, only user error here.

To prove it, create a form submission html page, and in the text of the
query input text, type test+me.  You will see that all browsers escape the
'+' to ensure it's treated as a literal '+'.

Bill

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


-------------------------------------------------------- 
This message has been scanned for viruses and
dangerous content by Ex Libris Ltd, and is
believed to be clean.
--------------------------------------------------------

-------------------------------------------------------- 
This message has been scanned for viruses and
dangerous content by Ex Libris Ltd, and is
believed to be clean.
--------------------------------------------------------


Mime
View raw message