A similar discussion happened shortly after I started using web2py. If you read through this thread you can see the discussion that Massimo and I had on the topic. You probably want to jump down to around message 13 in the thread.
http://groups.google.com/group/web2py/browse_frm/thread/414723e11c9f95b9?tvc=1&q=IS_URL I currently use my own validator (also not completely RFC1738 compliant) for parsing urls instead of the built in IS_URL. Kyle On Wed, Oct 22, 2008 at 1:21 PM, Timothy Farrell <[EMAIL PROTECTED]> wrote: > Ugh, I have an issue. > > It has come to my attention that the URL validation does not conform to > RFC1738 (section 2.2 is the most relevant). This is fine for the > schema://host/application/controller/function part of the URL, but it causes > problems in such circumstances that I ran into today. Here are the details: > > I made a PDF file pass-through that I access like : > /init/default/pdfpass/dir/PDF_FILENAME.pdf > > I ran into the problem of sometimes a request comes in that looks like: > /init/default/pdfpass/dir/PDF'FILENAME.pdf (notice the apostrophe) > > This doesn't play well with the URL validation regexp from main.py line > 39. I would like to be able to use normal URL characters in my function > arguments. > > For those with not enough time/patience to read an RFC, normal path > characters are: letters, numbers, and *$ - _ . + ! * ' ( ) ,* This does > not include the special URL path characters: */ @ ? : = & ;* > > Thoughts? Can we include these characters without compromising security? > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
