Closed
Bug 227625
Opened 21 years ago
Closed 21 years ago
Ampersand in text form field is not escaped in URL
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: kannan, Assigned: bugzilla)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031203 Firebird/0.7+
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031203 Firebird/0.7+
On the Yahoo! Finance "Enter Symbol(s)" form, if you enter a string that has
both an ampersand and at least one space character, the URL generated when you
submit includes your ampersand as is (instead of "%26").
Reproducible: Always
Steps to Reproduce:
1. Go to http://finance.yahoo.com/
2. Type in "s&p 500" into the "Enter Symbol(s)" box.
3. Press "GO"
Actual Results:
I get a search result for the symbol "s" because the unescaped ampersand split
the parameter up. URL: http://finance.yahoo.com/q/cq?s=s&p+500&d=v1
Expected Results:
The ampersand should have been escaped. The URL should have looked like this (I
think): http://finance.yahoo.com/q?s=s%26p+500&d=v1
I've only seen this problem on the one form that I named in the "Steps to
Reproduce" section. Also, it only happens if there are spaces in the field. A
search for "s&p500" works fine.
The page did have some JavaScript but it didn't look like it messed around with
the URL.
Comment 1•21 years ago
|
||
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031027
Firebird/0.7+
I don't believe this is a problem with firebird. S&P 500 is not a valid item to
enter in the text box so yahoo returns the most likely match. All stock and
index symbols do not contain any spaces. For example if you want the S&P 500
^GSPC must be entered into the search box not "s&p500" or "S&P 500".
IE displays the same behavior which leads me to believe that this has to do with
the yahoo finance lookup engine and not a problem with firebird.
Reporter | ||
Comment 2•21 years ago
|
||
I just installed the "Live HTTP Headers" extension and looked at the request.
It looks like Firebird is sending out the correct location but, for some reason,
Yahoo sends a bad "Location" header.
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•