Hi Scott,<br><br>I don't think we are in contradiction here, but in point of view. I am saying that we should not encode what is an allowed character. If the URL is already present somewhere like (<a href="http://example.com/hj/hj">http://example.com/hj/hj</a>) there is not need to encode and if it is present like (<a href="http://example.com">http://example.com</a>%2f/test) there is no need to decode. And what you should do if you get such a URL, just do not touch it, because it contains no invalid character.<br>
<br>@URL dictionary: Are you kidding?? I was obviously referring to the same RFC. <br><br>I will like you to think for a moment and tell me what will you gain by breaking the URL into components and then encoding it and then joining it again. Consider this problem statement: You are given a URL, which is extracted from a source HTML of a webpage, and you need to access it using drupal_http_request(). I am, of course, interesting in improving what I currently have in hand.<br>
<br>"Fire me all you can, but cast me into a solid and beautiful pot"<br><br clear="all">--<br>Regards,<br>Nitin Kumar Gupta<br><a href="http://publicmind.in/blog/">http://publicmind.in/blog/</a><br>
<br><br><div class="gmail_quote">On Sun, Mar 14, 2010 at 10:50 AM, Scott Reynen <span dir="ltr"><<a href="mailto:scott@makedatamakesense.com">scott@makedatamakesense.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">On Mar 13, 2010, at 8:20 PM, nitin gupta wrote:<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I completely agree to what you and Scott are trying to say. But, I am not looking to create an URL, just to sanitize it to remove disallowed character, i.e. what a browser would do while accessing a URL when a user inputs an URL. Consider, I parse the following URL from XML:<br>
<br>
<a href="http://example.com?test/com" target="_blank">http://example.com?test/com</a><br>
<br>
Do you think I should encode the '/' in the query part i.e. [test/com]??<br>
</blockquote>
<br></div>
Technically, yes, but that's beside the point. Regardless of how strictly you choose to apply URL encoding, you should be applying it to specific URL parts, not full URLs.<div class="im"><br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I don't think we need to. (Nor will Firefox, if you enter this URL in the address bar).<br>
</blockquote>
<br></div>
You're right that encoding the slash character isn't particularly important in the query. In a path segment, however, the difference between encoded and unencoded slashes is very significant; <a href="http://example.com/a/b/c" target="_blank">http://example.com/a/b/c</a> is different than <a href="http://example.com/a%2fb/c" target="_blank">http://example.com/a%2fb/c</a>. And a slash definitely shouldn't be encoded where it's used as a delimiter between URL components. This is actually a good example of why encoding must be applied to individual URL components, not the full URL.<div class="im">
<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
If a URL contains characters which are allowed in the URL dictionary, will we ever need to encode those characters? No.<br>
</blockquote>
<br></div>
What is the URL dictionary? Here's one of the relevant RFC on URLs:<br>
<br>
<a href="http://www.ietf.org/rfc/rfc3986.txt" target="_blank">http://www.ietf.org/rfc/rfc3986.txt</a><br>
<br>
Selected quotes:<br>
<br>
"A percent-encoding mechanism is used to represent a data octet _in_a_component_"<br>
"the conflicting data must be percent-encoded _before_the_URI_is_formed_"<br>
<br>
Emphasis added to, well, emphasize that encoding applies to component parts.<br><font color="#888888">
<br>
--<br>
Scott Reynen<br>
MakeDataMakeSense.com<br>
<br>
<br>
</font></blockquote></div><br>