Re: Re: Re: incorrect use of URI::Escape?

[^;\/?:@&=+\$,A-Za-z0-9\-_.!~*'()]

You probably do not want to exclude ;, &, = and +.

Although they're don't have to be encoded, according to the rfc, ; and & separate key/value pairs in a query string, = separates key and value in a key/value pair in a query string, and + often is a space (chr(32)) in query strings. Because query strings are a very common reason for using URI encoding, I think it's unwise to not encode these characters.

The characters I mentioned are part of the "reserved" characters, and since version 1.16, URI::Escape does encode them (not encoding them cause a LOT of trouble in many situations).

- Yes, I reinvent wheels.
- Spam: Visit eurotraQ.

Comment on Re: Re: Re: incorrect use of URI::Escape?

Replies are listed 'Best First'.
Re: Re: Re: Re: incorrect use of URI::Escape? by tachyon (Chancellor) on Apr 13, 2002 at 18:57 UTC
The code I offered is exactly the same as uri_escape() simply because if you are going to suggest an alternative it seems logical to KISS. I agree with you that URI:Escape is not optimal and always roll my own. Like you I do not exclude ; & + and = (also ?) I think a good working knowledge of URI encodings is an important thing for anyone who works with CGI cheers tachyon s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print	[reply]
Re: Re: Re: Re: Re: incorrect use of URI::Escape? by Juerd (Abbot) on Apr 13, 2002 at 19:02 UTC
The code I offered is exactly the same as uri_escape() An old version, apparently. I advise you to upgrade URI::Escape to version 1.16 or later, and update all of your scripts that do not encode reserved characters, or at least your post ;) Just FYI: I peeked at URI::Escape's source too, but I already have the new version... Update s/advice/advise/ per crazyinsomniac's advice to wear a hat. - Yes, I reinvent wheels. - Spam: Visit eurotraQ.	[reply]