* Path: (web uri) - split-and-decode-uri-path must preserve plus characters
@ 2014-07-17 5:24 Brent
2016-06-20 12:49 ` Andy Wingo
0 siblings, 1 reply; 2+ messages in thread
From: Brent @ 2014-07-17 5:24 UTC (permalink / raw)
To: guile-user
[-- Attachment #1: Type: text/plain, Size: 1364 bytes --]
Hi all,
Attached is a patch to to correct the behaviour of
split-and-decode-uri-path in uri.scm from guile 2.0.9.
Fault
-------
The faulty behaviour is:
(use-modules (web uri))
(split-and-decode-uri-path "xxx/abc+def/yyy") → ("xxx" "abc def"
"yyy")
As can be seen, the plus has been erroneously converted to a space.
The correct behaviour is:
(split-and-decode-uri-path "xxx/abc+def/yyy") → ("xxx" "abc+def"
"yyy")
Analysis
------------
The fault is actually in the uri-decode function invoked by
split-and-decode-uri-path:
it has special logic to check for a #\+ character and convert it to a space.
The reason for this is that uri-decode is also used to decode query
string for
application/x-www-form-urlencoded requests where spaces are encoded by
the client
on submission to plus characters.
(see http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1)
Fix
---
The fix is to extend uri-decode with a new keyword argument #:form? that
is defaulted
to #t. This provides backward compatibility.
split-and-decode-uri-path is modified to call uri-decode with #:form?
set to #f.
Motivation
---------------
This patch is motivated by the need to embed ISO 8601 timestamps with
time zones
into URLs:
eg. GET http:/foo.org/aaa/bbb/20140717T072233+0200/xxx/yyy
Please consider this for inclusion.
Thanks,
Brent
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: fix-web-uri-decode-plus-to-space.patch --]
[-- Type: text/x-patch; name="fix-web-uri-decode-plus-to-space.patch", Size: 1267 bytes --]
--- guile-2.0.9/module/web/uri.scm.orig 2013-03-18 23:30:13.000000000 +0200
+++ guile-2.0.9/module/web/uri.scm 2014-07-15 16:08:47.677521012 +0200
@@ -304,7 +304,7 @@
(define hex-chars
(string->char-set "0123456789abcdefABCDEF"))
-(define* (uri-decode str #:key (encoding "utf-8"))
+(define* (uri-decode str #:key (encoding "utf-8") (form? #t))
"Percent-decode the given STR, according to ENCODING,
which should be the name of a character encoding.
@@ -330,7 +330,7 @@
(if (< i len)
(let ((ch (string-ref str i)))
(cond
- ((eqv? ch #\+)
+ ((and (eqv? ch #\+) form?)
(put-u8 port (char->integer #\space))
(lp (1+ i)))
((and (< (+ i 2) len) (eqv? ch #\%)
@@ -412,7 +412,8 @@
For example, ‘\"/foo/bar%20baz/\"’ decodes to the two-element list,
‘(\"foo\" \"bar baz\")’."
(filter (lambda (x) (not (string-null? x)))
- (map uri-decode (string-split path #\/))))
+ (map (lambda (s) (uri-decode s #:form? #f))
+ (string-split path #\/))))
(define (encode-and-join-uri-path parts)
"URI-encode each element of PARTS, which should be a list of
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Path: (web uri) - split-and-decode-uri-path must preserve plus characters
2014-07-17 5:24 Path: (web uri) - split-and-decode-uri-path must preserve plus characters Brent
@ 2016-06-20 12:49 ` Andy Wingo
0 siblings, 0 replies; 2+ messages in thread
From: Andy Wingo @ 2016-06-20 12:49 UTC (permalink / raw)
To: Brent; +Cc: guile-user
Applied, in a slightly reworked form. This will be in 2.1.4. Only took
two years :/
Thanks for the patch!
Andy
On Thu 17 Jul 2014 07:24, Brent <brent@tomski.co.za> writes:
> Hi all,
>
> Attached is a patch to to correct the behaviour of
> split-and-decode-uri-path in uri.scm from guile 2.0.9.
>
> Fault
> -------
> The faulty behaviour is:
>
> (use-modules (web uri))
> (split-and-decode-uri-path "xxx/abc+def/yyy") â ("xxx" "abc
> def" "yyy")
>
> As can be seen, the plus has been erroneously converted to a space.
>
> The correct behaviour is:
>
> (split-and-decode-uri-path "xxx/abc+def/yyy") â ("xxx"
> "abc+def" "yyy")
>
> Analysis
> ------------
> The fault is actually in the uri-decode function invoked by
> split-and-decode-uri-path:
> it has special logic to check for a #\+ character and convert it to a space.
>
> The reason for this is that uri-decode is also used to decode query
> string for
> application/x-www-form-urlencoded requests where spaces are encoded by
> the client
> on submission to plus characters.
>
> (see http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1)
>
> Fix
> ---
> The fix is to extend uri-decode with a new keyword argument #:form?
> that is defaulted
> to #t. This provides backward compatibility.
>
> split-and-decode-uri-path is modified to call uri-decode with #:form?
> set to #f.
>
> Motivation
> ---------------
> This patch is motivated by the need to embed ISO 8601 timestamps with
> time zones
> into URLs:
>
> eg. GET http:/foo.org/aaa/bbb/20140717T072233+0200/xxx/yyy
>
>
> Please consider this for inclusion.
>
>
> Thanks,
>
> Brent
>
>
> --- guile-2.0.9/module/web/uri.scm.orig 2013-03-18 23:30:13.000000000 +0200
> +++ guile-2.0.9/module/web/uri.scm 2014-07-15 16:08:47.677521012 +0200
> @@ -304,7 +304,7 @@
> (define hex-chars
> (string->char-set "0123456789abcdefABCDEF"))
>
> -(define* (uri-decode str #:key (encoding "utf-8"))
> +(define* (uri-decode str #:key (encoding "utf-8") (form? #t))
> "Percent-decode the given STR, according to ENCODING,
> which should be the name of a character encoding.
>
> @@ -330,7 +330,7 @@
> (if (< i len)
> (let ((ch (string-ref str i)))
> (cond
> - ((eqv? ch #\+)
> + ((and (eqv? ch #\+) form?)
> (put-u8 port (char->integer #\space))
> (lp (1+ i)))
> ((and (< (+ i 2) len) (eqv? ch #\%)
> @@ -412,7 +412,8 @@
> For example, \"/foo/bar%20baz/\" decodes to the two-element list,
> (\"foo\" \"bar baz\")."
> (filter (lambda (x) (not (string-null? x)))
> - (map uri-decode (string-split path #\/))))
> + (map (lambda (s) (uri-decode s #:form? #f))
> + (string-split path #\/))))
>
> (define (encode-and-join-uri-path parts)
> "URI-encode each element of PARTS, which should be a list of
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-06-20 12:49 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-07-17 5:24 Path: (web uri) - split-and-decode-uri-path must preserve plus characters Brent
2016-06-20 12:49 ` Andy Wingo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).