- From: Joe Gregorio <joe@bitworking.org>
- Date: Sun, 8 Oct 2006 22:56:45 -0400
- To: "Mark Nottingham" <mnot@mnot.net>
- Cc: "James M Snell" <jasnell@gmail.com>, uri@w3.org
On 10/6/06, Mark Nottingham <mnot@mnot.net> wrote:
>
> +1 to dropping component spanning and doing percent-encoding during
> substitution, as well as UTF-8.
>
> However, this will require that the data model for the input to
> substitution be formalized more, as others have pointed out -- which
> I think is a good thing.
>
> Consider:
> a = "foo/bar"
>
> http://www.example.com/{a}
> http://www.example.com/foo?path={a}
>
> The first will need the '/' escaped; the second will not.
True, but there is no harm in % escaping the / in the second,
every cgi library will automatically unencode the %2F
before the application sees it. That is,
http://www.example.com/foo?path=foo/bar
and
http://www.example.com/foo?path=foo%2Fbar
will both give a parsed value of '/' for 'path' to the application.
I think this is a good argument for % encoding everywhere.
-joe
--
Joe Gregorio http://bitworking.org
Received on Monday, 9 October 2006 02:56:55 UTC