Canonicalizer fun

[Chuck Murcko <ch...@telebase.com>]

Hello again, Joerg. I have found the source of this problem.

Are you trying to send a literal '%' in the section

PROD_NAME=%

???

>From RFC 1738:

 The character "%" is unsafe because it is used for
   encodings of other characters.

To the group:

What about the '/' character (and others) within form data sets?

For instance, the URL

http://www.telegraph.co.uk/et/access?ac=117527821782&pg=//96/6/11/wleb11.html

breaks when sent through the proxy because the '/' in the form data set
are encoded as %2F.

Should this (and others not considered 'unsafe') be sent unencoded by
the proxy?

Sigh. Onward, into the canonicalizer.

Joerg Morbitzer liltingly intones:
> 
> > 
> > Thanks for pointing this one out. This bug appears to be happening on all
> > OS, not just Solaris, according to my testing. I should be able to get
> > a fix into Apache by next beta release.
> 
> Thank you for your answer, but the new release 1.1b3
> doesn't work, too ! For example:
> 
> http://www.transtec.de/doit/nph-t6?sc=WWW_pdz&db=pdzdb&VAR&FRM=WWW_manufact&LANG=D&HLP=N&PROD_NAME=%&KATA=K&la=D&GRP=DIS-SCS-2GB
> 
> returns :
> 
> Bad Request
> Your Browser sent a query that this server could not
> understand
> 
> I hope, you can help me, Joerg.
> 
chuck
Chuck Murcko	N2K Inc.	Wayne PA	chuck@telebase.com
And now, on a lighter note:
While anyone can admit to themselves they were wrong, the true test is
admission to someone else.