[Seaside] Re: [Swazoo-devel] Swazoo bugs that can affect Seaside

Randal L. Schwartz merlyn at stonehenge.com
Wed Aug 3 22:04:01 UTC 2011


>>>>> "Dale" == Dale Henrichs <dhenrich at vmware.com> writes:

Dale> The first bug is in SwazooURI where the query fields in an URL
Dale> will be incorrectly parsed if an `&` or other special character is
Dale> embedded in the value of the field. The following example
Dale> illustrates the bug:

That's not a bug.  There's no particular specialness of single or double
quotes in a URI.

So

        example.com/xyz?foo=1&bar=2&bletch="foo&bar"

is actually ill-formed.  It's quite possible that the parameters will
end up:

         foo 1
         bar 2
         bletch "foo
         bar" (null)

If you want & inside a GET parameter, you have to %-encode it.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.posterous.com/ for Smalltalk discussion
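
The split described in the message above, as an added example that is not part of the original post and is not Swazoo or Seaside code: a minimal query parser (hypothetical helpers `parse_query` and `build_query`) that splits on `&` before percent-decoding, run over the message's URL and over a percent-encoded form of it. It assumes plain URI semantics, so `+` is not treated as a space.

```python
from urllib.parse import quote, unquote, urlsplit


def parse_query(url):
    """Return (name, value) pairs; value is None when a field has no '='."""
    fields = []
    for part in urlsplit(url).query.split("&"):
        if not part:
            continue  # skip empty segments such as a trailing '&'
        name, has_eq, value = part.partition("=")
        # Decode only after splitting: a %26 inside a value is turned back
        # into '&' once the field boundaries are already fixed.
        fields.append((unquote(name), unquote(value) if has_eq else None))
    return fields


def build_query(pairs):
    """Percent-encode every name and value so '&', '=' and '"' are data."""
    return "&".join(
        f"{quote(name, safe='')}={quote(value, safe='')}" for name, value in pairs
    )


# URL taken from the message; quotes carry no meaning to the parser.
ILL_FORMED = 'example.com/xyz?foo=1&bar=2&bletch="foo&bar"'

# What the sender of that URL presumably intended (constructed for this example).
INTENDED = [("foo", "1"), ("bar", "2"), ("bletch", '"foo&bar"')]
WELL_FORMED = "example.com/xyz?" + build_query(INTENDED)


def changed_fields(url, intended):
    """Report parsed fields that differ from what the sender meant to send."""
    return [field for field in parse_query(url) if field not in intended]


if __name__ == "__main__":
    print(parse_query(ILL_FORMED))   # four fields, 'bar' appears twice in spirit
    print(WELL_FORMED)
    print(parse_query(WELL_FORMED))  # three fields, value round-trips intact
    print(changed_fields(ILL_FORMED, INTENDED))
```

The practical consequence is that anything building a URL from untrusted or free-form values has to encode each value before joining, because the receiving side cannot tell a literal `&` from a field separator.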

