cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: curl_escape

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sat, 4 Aug 2001 16:56:31 +0200 (MET DST)

On Mon, 30 Jul 2001, Evan Martin wrote:

> I recently received a bug report about my program being able to handle
> sending %20 characters properly.
>
> I traced it down to this bit in escape.c:
>
> (function: curl_escape())
> /* encode it */
> if(('%' == in) &&
> (length>=2) &&
> isxdigit((int)string[1]) &&
> isxdigit((int)string[2]) ) {
> /*
> * This is an already encoded letter, leave it!
> */
> memcpy(&ns[index], string, 3);
> string+=2;
> }
>
> This behavior seems incorrect to me.
>
> Suppose I'm posting a form where I want to include a literal "%20" (or
> any other form of % followed by two hex digits): If I simply pass the
> data through curl_escape, it won't be encoded properly.

I agree we need to make a decision on this.

I did add that kind of check because someone wanted it and I kind of agreed
it was a nice idea, but... it also prevents some operations so I figure we
should either:

1 - remove the code
or
2 - make it optional

... and I think option 1 is closer to my mind, as we don't need to change any
interface for that.

-- 
     Daniel Stenberg -- curl dude -- http://curl.haxx.se/
_______________________________________________
Curl-library mailing list
http://curl.haxx.se/libcurl/

Received on 2001-08-04

This message: [ Message body ]
Next message: Daniel Stenberg: "win32 errors"
Previous message: Sander van Zoest: "Re: Perl API"
Next in thread: Linus Nielsen Feltzing: "Re: curl_escape"
Reply: Linus Nielsen Feltzing: "Re: curl_escape"
Reply: Cris Bailiff: "Re: curl_escape"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]