curl-users
Re: Malformed request problem
Date: Thu, 7 Mar 2002 12:01:19 +0100 (MET)
On Thu, 7 Mar 2002, Amit Hooja wrote:
> urls are as follows
>
> originial---->
>
> formname=read_msg&folder=Inbox&file_name=Welcome.old&login=testdil&session_i
> d=1$1$E$Tvq1hBwyBF.PUA0L33GO90&index=1&function_name=''&SrtFld=2&SrtOrd=1
>
> escaped ->
>
> http://f2mail.rediff.com/cgi-bin/folder.cgi?formname%3Dread_msg%26folder%3DI
> nbox%26file_name%3DWelcome.old%26login%3Dtestdil%26session_id%3D1%241%24E%24
> Tvq1hBwyBF.PUA0L33GO90%26index%3D1%26function_name%3D''%26SrtFld%3D2%26SrtOr
> d%3D1
I thought this output alone would make it obvious.
The escaping you've made ruined all the occurances of at least the letters
'&' and '='. Those two letters are vital for the server to be able to parse
each individual part of the URL. You should not escape those letters when
they are used as separators, only when they are part of the data or contents
within the individual parts.
So, you make this a good escaping, you should first extract all pieces that
are separated with '&' letters. That will give you a list of "name=data"
pairs. Encode both sides if the '=' letter but keep the separator as-is.
*BUT* as you already have a URL or what looks like a URL, I can't understand
why you need to escape it. Or if you need to escape it, I think it's too late
when you've alredy created a URL from the data that creates the full string.
For example, what if the filename would've cotained a '&' letter? It would be
really ugly to escape that properly...
(This was a somewhat longish reply, but I think you'll get the spirit of it.)
-- Daniel Stenberg -- curl groks URLs -- http://curl.haxx.se/Received on 2002-03-07