Re: Updates URL.pm file
Roy T. Fielding (fielding@avron.ICS.UCI.EDU)
Sat, 18 Mar 1995 01:12:46 -0800
> # Escaping functions
>
> $escaped = URL::escape($url);
> $url = URL::unescape($escaped);
> ...
>
> # escape()
> #
> # 'http://web/this has spaces' -> 'http://web/this%20has%20spaces'
> #
> sub escape # not a method
> {
> local($_) = @_;
> s/([\x00-\x20"#%;<>?\x7F-\xFF])/sprintf("%%%02x",ord($1))/eg;
> $_;
> }
It is not possible to properly escape the special characters in a
URL in one fell swoop. Each component of a URL has separate requirements
regarding what must be escaped, and those requirements are also
dependent on the URL scheme. That is why the perl4 version uses a
parameter to specify the replacement string (unsafe characters):
# ===========================================================================
# escape(): Return the passed string after replacing all characters matching
# the passed pattern with their %XX hex escape chars. Note that
# the caller must be sure not to escape reserved URL characters
# (e.g. / in pathnames, ':' between address and port, etc.) and thus
# this routine can only be applied to each URL part separately. E.g.
#
# $escname = &escape($name,'[\x00-\x20"#%/;<>?\x7F-\xFF]');
#
sub escape
{
local($str, $pat) = @_;
$str =~ s/($pat)/sprintf("%%%02lx",unpack('C',$1))/ge;
return($str);
}
# ===========================================================================
escape() cannot be applied to a URL without having full knowledge of why
the URL is being escaped. Note that you also cannot escape an already
escaped URL.
......Roy Fielding ICS Grad Student, University of California, Irvine USA
<fielding@ics.uci.edu>
<URL:http://www.ics.uci.edu/dir/grad/Software/fielding>