[Templates] URI Filter Issues
Nigel Metheringham
nigel.metheringham@dev.intechnology.co.uk
Tue, 13 Feb 2007 12:41:49 +0000
[Sorry Andy for managing to send the initial copy of this just to you
rather than the list]
I think that this change is too aggressive...
On 9 Feb 2007, at 18:11, Andy Wardley wrote:
> #---------------------------------------------------------------------
> ---
> # Version 2.15b - 30th May 2006 ## DEVELOPER
> RELEASE ##
> #---------------------------------------------------------------------
> ---
>
> * Changed the uri filter to escape all reserved characters as per
> URI::Escape and RFC2396. This now includes &, @, /, ;, :, =, +, ?
> and $ which were previously not escaped. Thanks to islue@cpan.org
> for reporting the problem.
>
> http://rt.cpan.org/Ticket/Display.html?id=19593
It used to be the case that you could just do:-
my_url | uri
and things pretty much worked. So for example
<a href="[% my_url | uri %]">my link</a>
did basically the right thing (yes you might also want a html filter
there too). This worked whether my_url was relative, absolute or full
uri (with protocol specifier etc).
So
[% "http://www.template-toolkit.org/" | uri %]
gave
http://www.template-toolkit.org/
now, with recent releases, it gives
http%3A%2F%2Fwww.template-toolkit.org%2F
This latter escaped form will be treated as a local relative uri by
browsers I have checked against.
If we want a uri escape that is that aggressive, can it be put under a
different name, and the existing uri be modded back to allow : and /
characters through untouched...
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham@InTechnology.co.uk ]
[ - Comments in this message are my own and not ITO opinion/policy - ]