Project

General

Profile

Actions

Bug #6696

closed

[PATCH] ERB::Util.url_encode should not escape unreserved characters

Added by madeofcode (Mark Dodwell) over 12 years ago. Updated over 7 years ago.

Status:
Closed
Target version:
ruby -v:
ruby 1.9.3p194 (2012-04-20 revision 35410) [x86_64-darwin11.4.2]
[ruby-core:46168]

Description

ERB::Util.url_encode is escaping tilde (~) where it should not according to the RFC.

This fixes that behaviour so that it now correctly avoids escaping all unreserved characters as per RFC 3986, Section 2.3:
http://tools.ietf.org/html/rfc3986#section-2.3

Fwiw., this is also how the Perl implementation works:
http://search.cpan.org/dist/URI/URI/Escape.pm#DESCRIPTION

I opened this issue originally on Github, but I think it warrants further discussion, so re-opening here.


Files

erb_util_url_encode_rfc_fix.patch (1.46 KB) erb_util_url_encode_rfc_fix.patch madeofcode (Mark Dodwell), 07/04/2012 05:03 PM

Updated by madeofcode (Mark Dodwell) over 12 years ago

Sorry, somehow this ticket subject line got truncated. Newline paste fail.

Updated by shyouhei (Shyouhei Urabe) over 12 years ago

  • Subject changed from [PATCH] to [PATCH] ERB::Util.url_encode should not escape unreserved characters
  • Status changed from Open to Feedback

FYI, the old discussion is at https://github.com/ruby/ruby/pull/54

I see the patch itself is OK. The question is to be or not to be able to escape tilde.

Updated by naruse (Yui NARUSE) over 12 years ago

  • Status changed from Feedback to Assigned
  • Assignee set to seki (Masatoshi Seki)

Updated by duerst (Martin Dürst) over 12 years ago

The tilde was added to the unreserved characters in URIs in RFC 2396. It is specifically mentioned in http://tools.ietf.org/html/rfc2396#appendix-G.2:

The tilde "~" character was added to those in the "unreserved" set,
since it is extensively used on the Internet in spite of the
difficulty to transcribe it with some keyboards.

RFC 2396 was published in August 1998, about 14 years ago. I think it's safe to make this change now :-).

Updated by naruse (Yui NARUSE) over 12 years ago

This can change but need not, so up to seki, the maintainer.

やってもやらなくてもいい変更だと思っているので、関さんにお任せします。

Actions #6

Updated by naruse (Yui NARUSE) almost 12 years ago

  • Target version changed from 1.9.3 to 2.6

Updated by hsbt (Hiroshi SHIBATA) over 7 years ago

  • Assignee changed from seki (Masatoshi Seki) to k0kubun (Takashi Kokubun)

Updated by duerst (Martin Dürst) over 7 years ago

It's now close to 19 years since RFC 2396, so please fix this issue, thanks!

Actions #9

Updated by k0kubun (Takashi Kokubun) over 7 years ago

  • Status changed from Assigned to Closed

Applied in changeset trunk|r58772.


erb.rb: Don't encode tilde in #url_encode

Based on patch by madeofcode (Mark Dodwell).
[ruby-core:46168] [Bug #6696] [Fix GH-54]

~ is a unreserved character.
https://tools.ietf.org/html/rfc3986#section-2.3

Updated by usa (Usaku NAKAMURA) over 7 years ago

  • Backport changed from 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN to 2.2: WONTFIX, 2.3: WONTFIX, 2.4: UNKNOWN

memo: I think that this is a bug, but it may surprise users to change this behavior at teeny releases. Therefore I decided not to backport this to ruby_2_3 branch.

Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0