RE: URL with @ in passwords
Date: Fri, 30 Jul 2004 08:13:02 -0400
And hence why:
char *curl_escape( char * url , int length );
Is so useful for doing precisely that. Because any RFC for that
matter makes for great bedtime reading.
> As far as I can tell, the problem is the input, not curl. If your
> script/application properly formats the URL, curl will parse it apart
> properly. I've never had a problem with curl failing to parse a properly
> formed URL correctly.
> It's important to understand that URL's/URI's are *not* strings. They are
> data structures that contain scheme, host, port, path, query, fragment,
> username, and password data items. They are serialized into string format
> for transmission or display. The various characters that the URI syntax
> uses ('/', '@', '#', '?', etc.) are reserved for separating the different
> data segments of the URI. If you have a character that conflicts with the
> syntax of the URI, it must be %hex escaped. In this case, all '@'
> characters other than the '@' that separates the password from the host must
> be %hex escaped, else they will cause ambiguous parsing like you have
> encountered. When your script/application assembles the URL in string
> format, it needs to do so by escaping any conflicting characters.
> The URI RFC (http://www.ietf.org/rfc/rfc2396.txt) makes for great bedtime
> reading (zzzz...) and should answer most questions of this nature.
-- Casey O'Donnell RPI STS Department - Graduate Student http://homepage.mac.com/codonnell/ http://homepage.mac.com/codonnell/wxblogger/Received on 2004-07-31