You are absolutely correct that it's not the same discussion. I was just trying to point you to previous conversation about url validation in general since it is a similar topic.
Kyle On Wed, Oct 22, 2008 at 1:50 PM, Timothy Farrell <[EMAIL PROTECTED]> wrote: > Thanks for your input, but this is not about the IS_URL validator. This > is about web2py utterly rejecting any request that has and apostrophe (or > other RFC-valid punctuation) in the middle of the path. > > -tim > > > Kyle Smith wrote: > > A similar discussion happened shortly after I started using web2py. If you > read through this thread you can see the discussion that Massimo and I had > on the topic. You probably want to jump down to around message 13 in the > thread. > > > http://groups.google.com/group/web2py/browse_frm/thread/414723e11c9f95b9?tvc=1&q=IS_URL > > I currently use my own validator (also not completely RFC1738 compliant) > for parsing urls instead of the built in IS_URL. > > Kyle > > On Wed, Oct 22, 2008 at 1:21 PM, Timothy Farrell <[EMAIL PROTECTED]>wrote: > >> Ugh, I have an issue. >> >> It has come to my attention that the URL validation does not conform to >> RFC1738 (section 2.2 is the most relevant). This is fine for the >> schema://host/application/controller/function part of the URL, but it causes >> problems in such circumstances that I ran into today. Here are the details: >> >> I made a PDF file pass-through that I access like : >> /init/default/pdfpass/dir/PDF_FILENAME.pdf >> >> I ran into the problem of sometimes a request comes in that looks like: >> /init/default/pdfpass/dir/PDF'FILENAME.pdf (notice the apostrophe) >> >> This doesn't play well with the URL validation regexp from main.py line >> 39. I would like to be able to use normal URL characters in my function >> arguments. >> >> For those with not enough time/patience to read an RFC, normal path >> characters are: letters, numbers, and *$ - _ . + ! * ' ( ) ,* This does >> not include the special URL path characters: */ @ ? : = & ;* >> >> Thoughts? Can we include these characters without compromising security? >> >> >> >> > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
