- From: Ian Hickson <ian@hixie.ch>
- Date: Tue, 15 Sep 2009 01:12:34 +0000 (UTC)
On Wed, 9 Sep 2009, NARUSE, Yui wrote: > > First is about 4.10.16.4 URL-encoded form data. > http://www.whatwg.org/specs/web-apps/current-work/#application/x-www-form-urlencoded-encoding-algorithm > > In this algorithm at 6.2.1, > "SP, *, -, ., 0 .. 9, A .. Z, _, a .. z" is not escaped. > But many other specs which use application/x-www-form-urlencoded refers > URI's unreserved. And it in RFC3986 is > unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~" > Why ~ is escaped and * is not escaped? No idea, but that's what browsers do. > Second is also URL-encoded form data 6.2.1. > This says: > > the string a U+0025 PERCENT SIGN character (%) followed by two > > characters in the ranges U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE > > (9) and U+0041 LATIN CAPITAL LETTER A to U+005A LATIN CAPITAL LETTER Z > But hexadecimal is 0-9 A-F, > so to "U+0046 LATIN CAPITAL LETTER F" seems right. Oops, thanks. Fixed. > Third is about Web addresses in HTML 5. (this spec is also this ML?) > http://www.w3.org/html/wg/href/draft > > In 2 Parsing Web addresses at 2. Percent-encode all non-URI characters in w, > percent-encoding many characters includeing U+0025 percent sign. > But by this spec, if a Web address w is already escaped URL, > this process double-escape those characters. > > For example, w is http://www.example.org/D%C3%BCrst, > on step 2, w comes to be http://www.example.org/D%25C3%25BCrst. > And on step 5, w is broken. Please send this feedback to Larry Masinter <masinter at adobe.com>. Cheers, -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Monday, 14 September 2009 18:12:34 UTC