Closed
Bug 361817
Opened 18 years ago
Closed 18 years ago
nsWebShell::OnOverLink incorrectly unescapes percent encoded hostnames
Categories
(Core :: DOM: Navigation, defect)
Core
DOM: Navigation
Tracking
()
RESOLVED
DUPLICATE
of bug 304905
People
(Reporter: timeless, Unassigned)
References
()
Details
(Keywords: intl)
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en; rv:1.9a1) Gecko/20061120 Camino/1.2+
Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en; rv:1.9a1) Gecko/20061120 Camino/1.2+
Steps to Reproduce:
1. hove over http://www.%67oogle.com/
Actual Results:
status bar shows http://www.google.com/
Expected Results:
status bar shows http://www.%67oogle.com/
Updated•18 years ago
|
Component: Toolbars & Menus → Embedding: Docshell
OS: Mac OS X 10.3 → All
Product: Camino → Core
QA Contact: toolbars → docshell
Hardware: Macintosh → All
Summary: Status bar incorrectly unescapes percent encoded hostnames → nsWebShell::OnOverLink incorrectly unescapes percent encoded hostnames
Comment 1•18 years ago
|
||
*** Bug 361819 has been marked as a duplicate of this bug. ***
Comment 2•18 years ago
|
||
*** Bug 361818 has been marked as a duplicate of this bug. ***
Comment 3•18 years ago
|
||
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/docshell/base/nsWebShell.cpp&rev=1.680&mark=891#862
biesi points out that perhaps this is a problem with UnescapeURIForUI's implementation.
Comment 4•18 years ago
|
||
Interestingly enough, 2006112022 (1.2+) doesn't seem to have this problem.
Comment 5•18 years ago
|
||
Yeah, that is indeed the problem.
It looks like this and the FILE_NOT_FOUND error handling in docshell are basically the only callers of unEscapeURIForUI that pass in a complete spec. We should probably just have a separate API for this (one that will unescape all but the scheme and hostname, I guess?)....
Flags: blocking1.9?
Keywords: intl
Comment 6•18 years ago
|
||
Where is it written that we shouldn't unescape hostnames? What about IDNs? Examples:
http://r%C3%A4ksm%C3%B6rg%C3%A5s.josefsson.org
http://%E7%B4%8D%E8%B1%86.w3.mag.keio.ac.jp
Comment 7•18 years ago
|
||
It seems I was misled by the fact that "View Selection Source" escapes hostnames in URIs (perhaps that should also be fixed?). In the page that I copied those examples from, http://www.w3.org/2003/Talks/0425-duerst-idniri/slide12-0.html , they are not escaped.
Comment 8•18 years ago
|
||
I still think this is invalid (per RFC 3986), but anyway it's a dupe.
*** This bug has been marked as a duplicate of 304905 ***
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
Updated•18 years ago
|
Flags: blocking1.9?
Comment 9•18 years ago
|
||
(In reply to comment #8)
> I still think this is invalid (per RFC 3986), but anyway it's a dupe.
I agree. For instance, see bug 309671.
You need to log in
before you can comment on or make changes to this bug.
Description
•