Re: [xml] Universally replacing space with %20 before calling xmlParseURI - bad?

Is it to be conflicting with "xmlns", "xsi:schemaLocation", ... ? 

-----Original Message-----
From: Richard W.M. Jones [mailto:rjones redhat com] 
Sent: Tuesday, December 12, 2017 7:49 AM
To: doodad-js Admin <doodadjs gmail com>
Cc: veillard redhat com; xml gnome org
Subject: Re: [xml] Re: Universally replacing space with %20 before calling
xmlParseURI - bad?

On Tue, Dec 12, 2017 at 07:38:38AM -0500, doodad-js Admin wrote:
The space character is an unsafe character and must be encoded with "%20"
[1]. So, URLs containing a space character are invalid URLs.


But the reasoning is:

  "The space character is unsafe because significant spaces may
  disappear and insignificant spaces may be introduced when URLs are
  transcribed or typeset or subjected to the treatment of
  word-processing programs."

which is irrelevant to this application.

My question is: if I don't care about making "valid" URLs according to any
RFC, is it unsafe or insecure for some other reason?

(BTW the same RFC also says:

  "In some cases, extra whitespace (spaces, linebreaks, tabs, etc.)
   may need to be added to break long URLs across lines.  The
   whitespace should be ignored when extracting the URL."

which xmlParseURI does not do.)


Richard Jones, Virtualization Group, Red Hat Read my programming and virtualization
blog: virt-df lists disk usage of guests without
needing to install any software inside the virtual machine.  Supports Linux
and Windows.

This email has been checked for viruses by AVG.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]