Author xiang.zhang
Recipients martin.panter, takayuki, xiang.zhang
Date 2015-09-24.03:03:05
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1443063786.17.0.351119792753.issue24657@psf.upfronthosting.co.za>
In-reply-to
Content
I think this is a bug. 

According to the rfcs, "/" is a reserved character in query component and continuous "/" in query component may be invalid and how to deal with it depends on the server. But encoded "/", %2F, acts as data and should be preserved. And from rfc3875, QUERY_STRING must be passed encoded.

I tested in apache2.4 with martin's script, query string is:

('QUERY_STRING', 'k=aa%2F%2Fbb&//q//p//=//a//b//')

In python's CGI server, it is:

('QUERY_STRING', 'k=aa/bb&/q/p/=/a/b/'),
History
Date User Action Args
2015-09-24 03:03:06xiang.zhangsetrecipients: + xiang.zhang, takayuki, martin.panter
2015-09-24 03:03:06xiang.zhangsetmessageid: <1443063786.17.0.351119792753.issue24657@psf.upfronthosting.co.za>
2015-09-24 03:03:06xiang.zhanglinkissue24657 messages
2015-09-24 03:03:05xiang.zhangcreate