<div dir="ltr">Done: <a href="https://trac.osgeo.org/gdal/ticket/7095">https://trac.osgeo.org/gdal/ticket/7095</a>.</div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Oct 13, 2017 at 4:29 PM, Even Rouault <span dir="ltr"><<a href="mailto:even.rouault@spatialys.com" target="_blank">even.rouault@spatialys.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Sean,<br>
<span class=""><br>
> I'd like to point out that very often URLs in a query string do not need to<br>
> be encoded. Both the Python (see my earlier example) and Node standard<br>
> parsers will handle the string<br>
><br>
<br>
</span>While researching that issue, and from my pat memories, I found that there is<br>
a bit of confusion around the subject when to escape or not<br>
<span class=""><br>
> /viscurl?option1=foo&option2=<wbr>bar&url=<a href="https://example.com/foo.tif" rel="noreferrer" target="_blank">https://example.com/<wbr>foo.tif</a><br>
><br>
> without any URL encoding.<br>
<br>
</span><a href="https://tools.ietf.org/html/rfc3986" rel="noreferrer" target="_blank">https://tools.ietf.org/html/<wbr>rfc3986</a> says in "3.4. Query"<br>
<br>
"""<br>
query = *( pchar / "/" / "?" )<br>
<br>
The characters slash ("/") and question mark ("?") may represent data<br>
within the query component. Beware that some older, erroneous<br>
implementations may not handle such data correctly when it is used as<br>
the base URI for relative references (Section 5.1), apparently<br>
because they fail to distinguish query data from path data when<br>
looking for hierarchical separators. However, as query components<br>
are often used to carry identifying information in the form of<br>
"key=value" pairs and one frequently used value is a reference to<br>
another URI, it is sometimes better for usability to avoid percent-<br>
encoding those characters.<br>
"""<br>
<br>
But urrlib.urlencode() encodes slashes in values of query arguments, so they<br>
probably decided to avoid isues with the above mentionned older, erroneous<br>
implementations<br>
<br>
>>> urllib.urlencode({'foo':'bar', 'url': '<a href="http://example.com" rel="noreferrer" target="_blank">http://example.com</a>'})<br>
'url=http%3A%2F%2Fexample.com&<wbr>foo=bar'<br>
<span class=""><br>
> The web already has escaping rules built in, one of the benefits I alluded<br>
> to above.<br>
<br>
</span>OK, let's follow your suggestion of using URL query string formatting, while<br>
this hasn't gone in a official release. Could you create a ticket about that ?<br>
<div class="HOEnZb"><div class="h5"><br>
Even<br>
<br>
--<br>
Spatialys - Geospatial professional services<br>
<a href="http://www.spatialys.com" rel="noreferrer" target="_blank">http://www.spatialys.com</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Sean Gillies</div></div>
</div>