net/url: Go incorrectly unescapes URL and breaks HTTP Redirects #3433
Labels
Comments
|
Comment 1 by stephane.travostino: The net/url parsing function is not broken in all cases. I'm attaching a simple test case, which converts a string to *URL, and from *URL to string. The output is: Correct: Before: http://www.hulkshare.com/dl/y9g6b0xkgg37/01%20Rack%20City%20(Remix).mp3 After: http://www.hulkshare.com/dl/y9g6b0xkgg37/01%20Rack%20City%20(Remix).mp3 Incorrect: Before: http://cdn04.hulkshare.com/dev4/0/003/400/0003400309.fid/01_Rack_City_%28Remix%29.mp3?key=33f088e7a37cd0b4d555f2700be39c1f&dl=1 After: http://cdn04.hulkshare.com/dev4/0/003/400/0003400309.fid/01_Rack_City_(Remix).mp3?key=33f088e7a37cd0b4d555f2700be39c1f&dl=1 Attachments:
|
|
Comment 2 by stephane.travostino: In http://golang.org/src/pkg/net/url/url.go, line 71, a TODO comment reminds the author to update the reserved characters as specified in RFC 3986. In that RFC, the '(' and ')' character, for example, are reserved, and as such the two "After" strings in the output above are invalid. I'll try to write a patch for this. |
|
Comment 3 by stephane.travostino: With this patch, supporting RFC 3986, I no longer get the 412 HTTP error. Attachments:
|
stephane.travostino, you can follow the instruction detailed here to contribute the patch. http://golang.org/doc/contribute.html#Code_review |
|
This issue was closed by revision 56024fa. Status changed to Fixed. |
rsc
pushed a commit
that referenced
this issue
May 11, 2015
««« backport 6b46fb967ca4 net/url: Correctly escape URL as per RFC 3986 The shouldEscape function did not correctly escape the reserved characters listed in RFC 3986 §2.2, breaking some strict web servers. Fixes #3433. R=rsc CC=golang-dev https://golang.org/cl/5970050 »»»
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
by stephane.travostino:
The text was updated successfully, but these errors were encountered: