- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Thu, 21 Oct 2010 14:02:36 +0200
- To: HTTP Working Group <ietf-http-wg@w3.org>
On 17.10.2010 20:04, Julian Reschke wrote:
> ...
> 3) <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/245>: "warn about
> %xx in filenames being misinterpreted"
>
> (not yet addressed)
> ...
It just occurred to me that there may be a workaround for this problem,
by using the quoted-string form and inserting a quote character into the
%xx sequence.
Not so, because of UAs not handling escapes properly. Sigh. See test case:
<http://greenbytes.de/tech/tc2231/#attwithfnrawpctencaq>
Thus, I'm adding a warning statement to the end of the description of
"filename", pointing out the implementation problems:
Note: Many user agents do not properly handle escape characters
when using the quoted-string form. Furthermore, some user agents
erroneously try to perform unescaping of "percent" escapes (see
Appendix C.2), an thus might misinterpret filenames containing he
percent character followed by two hex digits.
(see <http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1041>).
Best regards, Julian
Received on Thursday, 21 October 2010 12:03:28 UTC