[ic] URL encoding bug in Vend::Interpolate::esc
David Christensen
david at endpoint.com
Sun May 16 23:30:58 UTC 2010
On May 16, 2010, at 4:48 PM, Rok Ruzic wrote:
> On Sun, 16 May 2010 12:53:07 -0500
> David Christensen <david at endpoint.com> wrote:
> I haven't looked at the patch, so can't comment
>> on that specifically, but if it's using ord(), etc. as opposed to the
>> encoding functions, I'd be against doing it that way.
>
> I only tested with ord(), unpack() and friends to find out what perl
> thinks of these characters in various contexts. The patch itself merely
> replaces the regex condition already in place with one, that also
> matches wide characters for escaping, and thus conforms to the standard
> that Racke pointed out.
My point was just that escaping wide characters doesn't make sense without a the context that an encoding provides; i.e., it'll be the URL-encoded value of the code point itself, as opposed to the URL-encoded value of the *encoded* code point.
> To solve this thing properly, i think we should find and use a suitable
> module. Doing it ourselves makes no sense.
I'd be in favor of that; we may want to also consider that IDN/Punycode domain names are starting to exist out there and support that portion of at least the authority portion of the URL. If there's a module that already accounts for this, that'd be a plus as well.
Regards,
David
--
David Christensen
End Point Corporation
david at endpoint.com
More information about the interchange-users
mailing list