On Fri, 21 Dec 2007 13:57:15 -0700, Robert Uhl eadmund42@gmail.com wrote:
I'm using url-encode to encode strings that I use for keys (see e.g. http://octopodial-chrome.com/tasting-notes/beer/Fuller%26rsquo%3Bs/2000%20Vintage%20Ale; the brewer and beer name strings are both Unicode/HTML and contain characters meaningful in a URL). While running my pages through the w3c validator, I discovered that url-encode doesn't encode apostrophes ('), so now I run my strings through (cl-who:encode-string (hunchentoot:url-encode string)); is this the appropriate way to do things?
It might be: url-encode turns a string into a string suitable for a URL and encode-string turns a string into a string suitable for an HTML attribute value. Still, it seems a bit...complex.
It seems complex, but it is the right way to do it. FWIW, the CL-WHO function is called ESCAPE-STRING, not ENCODE-STRING, and that shows its intent more clearly.
As you said, you URL-encode the string to make it suitable for a URL. You might want to use the result for a header value in an HTTP reply, or as a URL you're giving to a client like Drakma. That's fine. But if you want to put the URL-encoded string into an HTML page, then the HTML rules apply, and you might have to escape the string in order not to create conflicts. That's life... :)
Still, I'm surprised to see parts like "r%26rsquo%3Bs" in your example URL. With recent Hunchentoot and CL-WHO I get this:
CL-USER 4 > (hunchentoot:url-encode "Fuller's") "Fuller's"
CL-USER 5 > (cl-who:escape-string *) "Fuller's"
And if I put a link like
<a href="http://weitz.de/foo?a=Fuller's">click me</a>
into an HTML file, then Firefox will go to
http://weitz.de/foo?a=Fuller%27s
if I click the link. Your example almost looks as if you have it the other way around.
Edi.