Post , UrlDecode and Ampersand
Sannyasin Sivakatirswami
katir at hindu.org
Sat Dec 20 23:57:22 EST 2003
Context is a faceless CGI that starts like this:
on startup
if $REQUEST_METHOD is "POST" then
## repeat read to get around bug in reading stnIn
repeat until length(tIncoming) >= $CONTENT_LENGTH
read from stdin until empty
put it after tIncoming
end repeat
put urlDecode (tIncoming) into tDataIn
split tDataIn by "&" and "="
Where the client http post urlEncoded string is issued from inside a
Rev stack and not a browser.
This above works great until someone types an ampersand in the middle
of field of text that is posted. This causes that field's text that is
meant for a single element in the array to break out into another
element. And worse, the subsequent element isn't named (there is no "="
in the text that is split off)
Now, there are obvious work arounds, such as, on the server/cgi side:
taking the
"+%26+" which is the encoded ampersand, and then replacing this with
some place holder like a pipe "|" ("+%7C+") first, then split the data
into the array and deal with the pipe later by replacing it back to an
ampersand.
Or, on the client side; setting up the stack that issues the posted
string to strip the ampersand out or change it to the word "and." But
something feels "off" about either of those options. So, before going
down that road, since the ampersand character is the official concat
character for urlEncoded form strings, I am wondering if any of you
wonderful souls out there know if there is already an established
internet IT spec for the proper way to handle this... or does everyone
just do WHEW (WHatEver Works) ??
Sannyasin Sivakatirswami
Himalayan Academy Publications
at Kauai's Hindu Monastery
katir at hindu.org
www.HimalayanAcademy.com,
www.HinduismToday.com
www.Gurudeva.org
www.Hindu.org
More information about the use-livecode
mailing list