[hunchentoot-devel] url-encode doesn't encode apostrophes
Robert Uhl
eadmund42 at gmail.com
Sat Dec 22 04:30:53 UTC 2007
Edi Weitz <edi at agharta.de> writes:
>
> It seems complex, but it is the right way to do it. FWIW, the CL-WHO
> function is called ESCAPE-STRING, not ENCODE-STRING, and that shows
> its intent more clearly.
Doh! Typing from memory. Because of course with a computer capable of
billions of operations per second it's just too painful to look up these
minor details *grin*
> As you said, you URL-encode the string to make it suitable for a URL.
> You might want to use the result for a header value in an HTTP reply,
> or as a URL you're giving to a client like Drakma. That's fine. But
> if you want to put the URL-encoded string into an HTML page, then the
> HTML rules apply, and you might have to escape the string in order not
> to create conflicts. That's life... :)
Yeah, it makes sense--just a bit surprising I guess.
> Still, I'm surprised to see parts like "r%26rsquo%3Bs" in your example
> URL. With recent Hunchentoot and CL-WHO I get this:
>
> CL-USER 4 > (hunchentoot:url-encode "Fuller's")
> "Fuller's"
>
> CL-USER 5 > (cl-who:escape-string *)
> "Fuller's"
The '’' is part of the original string (for hysterical raisins all
strings in the database are HTML strings); it then gets encoded into
%26rsquo%3B by URL-ENCODE; OTOH when I have an ASCII apostrophe (_not_ a
right single quote) then it gets passed as-is by URL-ENCODE but gets
escaped by ESCAPE-STRING.
--
Robert Uhl <http://public.xdi.org/=ruhl>
OTOH there are some of us in .UK who would rather like NAFTA to
become the North Atlantic Free-Trade Area, and for .UK to sign
up to it instead of us piddling around on the periphery of some
wannabe second-rate-superpower European bureaucracy that, in all
honesty, couldn't come to a consensus on how many primary colours
there are. --Tanuki
More information about the Tbnl-devel
mailing list