-
Notifications
You must be signed in to change notification settings - Fork 17.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net/url: URL.String() does not escape Query #30922
Comments
@bradfitz - any reason we are not escaping the query string ? |
I forget. But every time we touch this package we break tons of people, so might be best alone or documented. |
I invite people to read RFCs for guidance, compare other implementations, and explore what would break if we changed this. |
Simply applying Decided to try doing something similar to In all cases, though, outputting magnet links will suffer from fixing this issue (see #20054). |
Change https://golang.org/cl/168559 mentions this issue: |
Currently trying to find what this CL above breaks out in the wild. So far the only thing that bothers me is checking for Question remains whether this is a valid approach, though. I wasn't able to find any URI scheme other than magnet that looks like opaque URIs but not quite and uses query values instead. If that's the case, shouldn't we just do |
Also related #22907. |
fwiw, I believe the correct way of encoding the domain part wold be ... |
After spending about a month on testing it against different projects, I think that uploaded CL fixes this fairly well. I guess leaving it for a while on tip would expose real-world breakages. As for what others do, it's complicated:
|
@bradfitz you've mentioned that most of the changes in Now that 1.13 is released does it make sense to land CL168559 on master in order to have enough time to test and realize whether this actually breaks somebody and if so revert it before 1.14? |
I occasionally rebase this CL on top of releases in order to use it. Since 1.16 my change breaks a test regarding IA5String encoding: 1eeaff7
@rolandshoemaker could you advise whether it makes sense NOT to expect error anymore once the whole URL is properly escaped? Wouldn't quoting actually fix those rare badly encoded names you mention in the commit message? I think removing the test case should be fine, yet it feels terribly wrong to just remove a test case in a |
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
https://play.golang.org/p/xe9E6LAZhLs
What did you expect to see?
What did you see instead?
Notice how that
ключ=стойност
is left unescaped.The text was updated successfully, but these errors were encountered: