- From: Juergen Reuter <reuterj@ira.uka.de>
- Date: Tue, 02 May 2000 18:31:22 +0200
- To: Greg Stein <gstein@lyra.org>
- cc: w3c-dist-auth@w3.org, reuterj@ira.uka.de, jjh@ira.uka.de
Greg Stein wrote:
> '+' is not a valid encoding for 'space'. Some clients and servers do it
> for parts of a URL (particularly within the 'query' section), but it is
> not standard.
>
> Refer to RFC 2396 (URLs) and RFC 2616 (HTTP), Section 3.2.
> http://andrew2.andrew.cmu.edu/rfc/rfc2396.html
> http://andrew2.andrew.cmu.edu/rfc/rfc2616.html
The '+' encoding is not standard for URL encoding itself, but it *is*
standard for form-urlencoded data, as specified in RFC 1866:
>8.2.1. The form-urlencoded Media Type
>
> The default encoding for all forms is `application/x-www-form-
> urlencoded'. A form data set is represented in this media type as
> follows:
>
> 1. The form field names and values are escaped: space
> characters are replaced by `+', and then reserved characters
> are escaped as per [URL]; that is, non-alphanumeric
> characters are replaced by `%HH', a percent sign and two
> hexadecimal digits representing the ASCII code of the
> character. Line breaks, as in multi-line text field values,
> are represented as CR LF pairs, i.e. `%0D%0A'.
Section 8.2.2 says:
> To process a form whose action URL is an HTTP URL and whose method is
> `GET', the user agent starts with the action URI and appends a `?'
> and the form data set, in `application/x-www-form-urlencoded' format
> as above.
In other words, the '+' encoding is standard not only in the message
body, but even in the request line of a GET request (at least as of
HTML/2.0). However, when doing a POST, the form data is put into
the message body rather than the request line (section 8.2.3).
Bye,
Juergen
Received on Tuesday, 2 May 2000 12:34:49 UTC