-
Notifications
You must be signed in to change notification settings - Fork 17.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net/url: PathEscape treatment of reserved characters is inconsistent #27559
Comments
@bradfitz @andybons
|
An actual implementation is always a mix of RFC and practical usage. And trying to follow RFC to the letter has bit us in the past (#27302). I believe what we are trying to do here is only escape those characters which are intended to be used as delimiters in a path segment. I am curious to know whether you are actually facing issues due to this, or you have just stumbled across this. On a different note, reading the RFC and the code, I have a different question - @bradfitz - Regarding this comment -
The RFC mentions -
So, following this logic, shouldn't |
I opened this three months ago, and don't remember the details of the problems it caused (a workaround was simple and implemented without fuss). And if you see compelling reason to leave the inconsistent behavior in
|
Has this ever been looked at after? I came here after I noticed the |
;
and,
are permitted by RFC 3986 in path segments, butPathEscape
percent-encodes them because "URI producing applications often use the reserved characters allowed in a segment to delimit scheme-specific or dereference-handler-specific subcomponents". However, it does not escape other reserved characters potentially subject to the same kind of special treatment:=
is "often used to delimit parameters and parameter values", particularly in conjunction with;
(e.g., "name;v=1.1").
is used in.
and..
"dot-segments" to "indicate relative position within the hierarchical tree of names… interpreted within the URI path hierarchy… removed as part of the resolution process".:
is not allowed in the first path segment of a relative-path reference, "as it would be mistaken for a scheme name" (e.g., a URI reference of "foo:bar/baz/quux" is very different from "foo-bar/baz/quux").What version of Go are you using (
go version
)?1.11
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?linux amd64
What did you do?
https://play.golang.org/p/f-byVa3k2gi
What did you expect to see?
non-scheme%3Anon-authority/foo%3Dbar%3Bbar%3Dbaz/%2E%2E
(all potentially special characters percent-encoded), or maybenon-scheme:non-authority/foo=bar;bar=baz/..
(no characters percent-encoded unless required by RFC).What did you see instead?
non-scheme:non-authority/foo=bar%3Bbar=baz/..
The text was updated successfully, but these errors were encountered: