curl-users
Re: Malformed request problem
Date: Thu, 7 Mar 2002 16:38:57 -0800
hi
thanx a lot
but i tried with not escaping = and & charachter already whcih dint worked
out for me
if i get the page without escaping it i get invalid session id from the
server .
I had parsed the url from a link on web page that i get from logged in .
regards
Amit Hooja
System adminsitrator & Integrator
Data Infosys Ltd.
Tonk Road , Jaipur
Phone : 91-0141-702311,702312,702313
##############################################
[Without prejudice to the generality of the contents herein, this
communication does not attach any legal liability on the originator thereof.
This communication contains information, which is confidential and may also
be privileged. It is for the exclusive use of the intended recipient(s). If
you have received this communication by error, please delete the email and
destroy any copies of it.]
----- Original Message -----
From: "Daniel Stenberg" <daniel_at_haxx.se>
To: "Amit Hooja" <amithooja_at_dil.in>
Cc: "Curl Mailinglist" <curl_at_contactor.se>
Sent: Thursday, March 07, 2002 3:01 AM
Subject: Re: Malformed request problem
> On Thu, 7 Mar 2002, Amit Hooja wrote:
>
> > urls are as follows
> >
> > originial---->
> >
> >
formname=read_msg&folder=Inbox&file_name=Welcome.old&login=testdil&session_i
> >
d=1$1$E$Tvq1hBwyBF.PUA0L33GO90&index=1&function_name=''&SrtFld=2&SrtOrd=1
> >
> > escaped ->
> >
> >
http://f2mail.rediff.com/cgi-bin/folder.cgi?formname%3Dread_msg%26folder%3DI
> >
nbox%26file_name%3DWelcome.old%26login%3Dtestdil%26session_id%3D1%241%24E%24
> >
Tvq1hBwyBF.PUA0L33GO90%26index%3D1%26function_name%3D''%26SrtFld%3D2%26SrtOr
> > d%3D1
>
> I thought this output alone would make it obvious.
>
> The escaping you've made ruined all the occurances of at least the letters
> '&' and '='. Those two letters are vital for the server to be able to
parse
> each individual part of the URL. You should not escape those letters when
> they are used as separators, only when they are part of the data or
contents
> within the individual parts.
>
> So, you make this a good escaping, you should first extract all pieces
that
> are separated with '&' letters. That will give you a list of "name=data"
> pairs. Encode both sides if the '=' letter but keep the separator as-is.
>
> *BUT* as you already have a URL or what looks like a URL, I can't
understand
> why you need to escape it. Or if you need to escape it, I think it's too
late
> when you've alredy created a URL from the data that creates the full
string.
>
> For example, what if the filename would've cotained a '&' letter? It would
be
> really ugly to escape that properly...
>
> (This was a somewhat longish reply, but I think you'll get the spirit of
it.)
>
> --
> Daniel Stenberg -- curl groks URLs -- http://curl.haxx.se/
>
>
Received on 2002-03-07