> location.href="https://bugzilla.mozilla.org/?foo=\0&bar=\1" Exception: "The URI is malformed" // \1 should be stripped and \0 should be escaped to %00 and same for: location.assign("http\0://fo\0o.b\0ar/pa\0th#ha\0sh") location.search="?foo=\0&bar=\1" etc...
Assignee: nobody → valentin.gosu
Whiteboard: [necko-active] → [necko-active] btpp-active
Anne, From what I can tell, C0&space are still not allowed in the scheme and host. As of now, we enforce that we encode all C0 characters&space (except \r\n\t which are stripped) in the path, query and hash, the other exception being \0 - which we can't allow at the moment, since some of our API's still use C null-terminated strings. Is this OK?
I think the \0 behavior is broken (I believe most other user agents handle it fine), but the rest sounds like it matches the specification, yes.
Wasn't baku just fixing this kind of cases in some other bug? Or perhaps this is some different variant of it.
(In reply to Olli Pettay [:smaug] from comment #3) > Wasn't baku just fixing this kind of cases in some other bug? Or perhaps > this is some different variant of it. Similar thing in form submission. See bug 1272298.
Created attachment 8754425 [details] [diff] [review] Encode C0 controls in path, query and hash MozReview-Commit-ID: 1zGRjVmAWts
Attachment #8754425 - Flags: review?(mcmanus)
Attachment #8754425 - Flags: review?(mcmanus) → review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/f8cb3324570e9479124a7f5ef1cb4a23b6b1465f Bug 1272284 - Encode C0 controls in path, query and hash r=mcmanus
Status: NEW → RESOLVED
Last Resolved: 2 years ago
status-firefox49: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla49
You need to log in before you can comment on or make changes to this bug.