Bizarre URL encoding
Andrew
via web
I don't know whether this is a problem, because I'm struggling to understand it :-)
If I send this:
"raw bracket: ] urlenc bracket: %5D, double encoded bracket: %255D"
This is what travels over the wire in the POST request to my backend:
msg=raw%20b racket%253A%20%255D%20%20urlenc%20bracket%253A%20%25255D%252C%20double%20encoded%20bracket%253A%20%2525255D
And this is what my app sees as the contents of $_REQUEST['msg']:
raw bracket%3A %5D urlenc bracket%3A %255d%2C double encoded bracket%3A %25255D
This is a correct parsing of the request stream, because the POST includes a content-type of application/x-www-form-urlencoded, so PHP correctly urldecodes the input ONCE. However, it is double encoded for some characters, so in order to construct the original string, my PHP script needs to do another url decode on the string, which then gives you this:
raw bracket: ] urlenc bracket: %5D, double encoded bracket: %255D
It's doubly confusing because for one of the encoding steps, spaces have been encoded, but in the other (unnecessary) encoding that has been done pre-sending, they weren't.
I don't think payloads should be urlencoded twice. The content body is currently not a correct representation of the original text.
I think this double encoding has only been occuring for the last few days.
2 Posted by System on 17 Jun, 2009 07:35 PM
A Lighthouse ticket was created for this discussion
3 Posted by Anthony Webb on 17 Jun, 2009 07:36 PM
Thanks for the info Andrew, we're on it.