Try to handle this html form:
<html> <body> <form name="my-form" action="/tbnl/form" method="post"> <input type=text name=":myfield" value="foo"> </form> </body> </html>
after submitting this form in TBNL *debug-mode* you will get:
(post-parameters) (("%3Amyfield" . "foo"))
instead of
(("myfield" . "foo" ))
Any explanation for this ?
On Wed, 01 Sep 2004 18:26:47 +0200, Massimiliano Campagnoli maxi@paoloastori.com wrote:
Try to handle this html form:
<html> <body> <form name="my-form" action="/tbnl/form" method="post"> <input type=text name=":myfield" value="foo"> </form> </body> </html>
after submitting this form in TBNL *debug-mode* you will get:
(post-parameters) (("%3Amyfield" . "foo"))
instead of
(("myfield" . "foo" ))
That would be strange. I hope you expected
((":myfield" . "foo" ))
Any explanation for this ?
Yes, that's how the browser sends the field's name. When accepting POST or GET parameters the values are URL-decoded (see request.lisp and the function FORM-URL-ENCODED-LIST-TO-ALIST in util.lisp), the names aren't. Do you think it would make sense to decode the names as well? It'd be a trivial code change but I'm not sure about the implications. What do the RFCs say? Are there any restrictions on the names of the parameters?
Cheers, Edi.
On 2004-09-01 20:50:24, Edi Weitz wrote:
Yes, that's how the browser sends the field's name. When accepting POST or GET parameters the values are URL-decoded (see request.lisp and the function FORM-URL-ENCODED-LIST-TO-ALIST in util.lisp), the names aren't. Do you think it would make sense to decode the names as well? It'd be a trivial code change but I'm not sure about the implications. What do the RFCs say? Are there any restrictions on the names of the parameters?
Haven't read the RFC, but cgi.rb (CGI library of Ruby) decodes names and values.
key, value = pairs.split('=',2).collect{|v| CGI::unescape(v) }
CGI.pm (CGI library of Perl), too.
$param = unescape($param); $value = unescape($value);
Regards, Stefan
On Wed, 1 Sep 2004 21:48:21 +0200, Stefan Scholl stesch@no-spoon.de wrote:
Haven't read the RFC, but cgi.rb (CGI library of Ruby) decodes names and values.
key, value = pairs.split('=',2).collect{|v| CGI::unescape(v) }CGI.pm (CGI library of Perl), too.
$param = unescape($param); $value = unescape($value);
OK, thanks for the info.
So I think we should follow their lead. I've released a new version:
Version 0.2.11 2004-09-02 FORM-URL-ENCODED-LIST-TO-ALIST now decodes names and values
Note that this change affects the names of GET and POST parameters as well as the names of cookies.
Cheers, Edi.
-
Edi Weitz -
Massimiliano Campagnoli -
Stefan Scholl