Closed Bug 338274 Opened 19 years ago Closed 19 years ago

& in URLs is not converted to & when making a request

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Version:
1.7 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: adepali, Unassigned)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.13) Gecko/20060418 Firefox/1.0.8 (Ubuntu package 1.0.8) Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.13) Gecko/20060418 Firefox/1.0.8 (Ubuntu package 1.0.8) Several accessibility validators require that & in urls is coded as &amp;. For example, they suggest using: <a href="http://www.test.org/try.php?x=0&amp;y=5">test</a> instead of <a href="http://www.test.org/try.php?x=0&y=5">test</a> When I open such a page with Firefox, hovering over the link displays the "right" url (i.e. it displays it with & instead of &amp;). However when I click on it, the request contains &amp;, which messes up the web server. IE automatically converts &amp; in URLs to &. Not sure if there is any sort of debate about what's the correct behavior here, but pages with plain & in URLs don't pass accessibility tests. Reproducible: Always Steps to Reproduce: 1. Make a URL that contains &amp; instead of & 2. Click on the URL 3. Check the request Actual Results: &amp; is not replaced by & Expected Results: &amp; should be replaced by &
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9a1) Gecko/20060517 Minefield/3.0a1 - Build ID: 0000000000 WFM. Can you reproduce this with the latest official Mozilla build of Firefox? (1.5.0.3)
Component: General → HTML: Parser
Product: Firefox → Core
Version: unspecified → 1.7 Branch
Yes the same thing happens with 1.5.0.3 too.
Can you attach a complete sample web page demonstrating this please?
I was wrong, Firefox converts &amp; to & correctly. The problem was with a redirect header created by PHP's header( "Location: $url" ) command. The &amp; contained in $url is not converted.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
As a matter of fact I looked a bit more into it. I compared 2 programs. Here's a redirect generated in HTML: <?php if ( count ( $_GET ) == 0 ) { echo '<META HTTP-EQUIV=REFRESH CONTENT="1; URL=try.php?x=1&amp;y=2">'; exit( 0 ); } ?> <html><head><title>Test</title></head> <body> <?php var_dump( $_GET ); ?> </body> </html> Then I tried the same code substituting the META with header( "Location: try.php?x=1&amp;y=2" ); In the first case everything was fine. In the second it was not. Monitoring the network traffic gives this (> is request, < is reply) HTML version ------------- > GET try.php < ... (some headers) < <META HTTP-EQUIV=REFRESH CONTENT="1; URL=try.php?x=1&amp;y=2"> > GET try.php?x=1&y=2 PHP version ----------- > GET try.php < ... (some headers) < Location: try.php?x=1&amp;y=2 > GET try.php?x=1&amp;y=2 So I believe it is the responsibility of the browser to convert the &amp; in the Location header in the same way it does in the META tag.
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
Component: HTML: Parser → Networking: HTTP
QA Contact: general → networking.http
No, it is not. HTTP headers are not HTML, or XML, or SGML: they are plain text.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago19 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.