You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Sebb (JIRA)" <ji...@apache.org> on 2017/02/04 15:21:51 UTC
[jira] [Resolved] (VALIDATOR-396) Check missing if unwise
characters (backslash etc., see rfc2396) are used
[ https://issues.apache.org/jira/browse/VALIDATOR-396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sebb resolved VALIDATOR-396.
----------------------------
Resolution: Not A Bug
This is not a bug, because such characters are allowed and will be handled by well-behaved applications.
If additional validation is required to suit individual broken apps then this will have to be provided by the user as required for the particular application.
(Or better, the app should be fixed).
If Validator were to start rejecting unwise characters then it is may break valid apps.
> Check missing if unwise characters (backslash etc., see rfc2396) are used
> -------------------------------------------------------------------------
>
> Key: VALIDATOR-396
> URL: https://issues.apache.org/jira/browse/VALIDATOR-396
> Project: Commons Validator
> Issue Type: Bug
> Components: Routines
> Affects Versions: 1.5.0
> Environment: all
> Reporter: dr0i
> Labels: easyfix
> Original Estimate: 0.5h
> Remaining Estimate: 0.5h
>
> From the rfc2396:
> "
> Other characters are excluded because gateways and other transport
> agents are known to sometimes modify such characters, or they are
> used as delimiters.
> unwise = "{" | "}" | "|" | "\" | "^" | "[" | "]" | "`"
> Data corresponding to excluded characters must be escaped in order to
> be properly represented within a URI.
> "
> The URLValidator doesn't check if an "unwise" character is used as unescaped char and subsequently reports a URL as valid if it has an unwise character in it. There are some applications out there which break eating such a URL.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)