Closed Bug 93095 Opened 24 years ago Closed 19 years ago

escaped special chars in cgi param list parsed incorrectly

Categories

(SeaMonkey :: General, defect, P3)

x86
Windows 2000
defect

Tracking

(Not tracked)

RESOLVED INVALID
Future

People

(Reporter: grampp, Unassigned)

References

()

Details

From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2+) Gecko/20010729 BuildID: 2001072908 String "Brückenstr.%202%26DistrPLZ%3d96047%26DistrOrt%3dBamberg%26DistrPhone%3d%26DistrFax%3d%26DistrMail%3d%26DistrWWW%3d" is displayed. '=' and '&' are not handled as syntax elements in a cgi param list Correct output with Netscape 4 or IE! Reproducible: Always Steps to Reproduce: 1.enter URL 2. 3.
I see identical behavior typing that URL into the location bar or clicking on the given link on both linux Mozilla build 2001-07-30-06 and linux Netscape 4.x. The page is shown on both. Robert, could you please provide some clear steps to reproduce?
Comments from reporter: I did some further research and realized, that the the problem lies within JavaScript (not only). I filled the URL field in bugzilla with the value I cut from the comparison test with Netscape 4.75 not realizing that Mozilla creates a different URL. I'm sorry for that mistake! So, the starting URL is http://www.avery-zweckform.com/o_office/a_e_haendler/a_e_haendler.jsp?land=de&plz=96050 and I clicked the 2nd checkbox graphic. Mozilla results with this URL: http://www.avery-zweckform.com/a_allgemein/a_g_merkzettel/a_g_frames.html?contentFrame=/a_allgemein/a_g_merkzettel/a_g_merkzettel.jsp?ACTION%3DSETDISTRIBUTOR%26DistrFirm%3DGerhard+K%FCchler%26DistrName%3D%26DistrAddr%3dBr%FCckenstr.%25202%2526DistrPLZ%253d96047%2526DistrOrt%253dBamberg%2526DistrPhone%253d%2526DistrFax%253d%2526DistrMail%253d%2526DistrWWW%253d (Please change this in bugzilla) The problem starts with the JS replace function (in cgi item DistrAddr). " " should be replaced to "%20", but is replaced to "%2520". %26DistrAddr%3dBr%FCckenstr.%25202%2526DistrPLZ%253d96047 But then additionally there is a different error. "%26" which specified as a fix string in the windows.open call (see below) is translated to "%2526", i.e. '%' is escaped from now on. Note that the '%'s in the previous cgi items are not replaced! Strange! So, replacement of the '%' is not done generally by a later step in the URL evaluation. function call: AddHaendler('Gerhard+K%FCchler','','Br<FC>ckenstr. 2','96047','Bamberg','','','','') function AddHaendler(DistrFirm,DistrName,DistrAddr,DistrPLZ,DistrOrt,DistrPhone ,DistrFax,DistrMail,DistrWWW) { DistrFirm = DistrFirm.replace(/%26/gi, "und"); DistrName = DistrName.replace(/%26/gi, "und"); DistrOrt = DistrOrt.replace(/ /gi, "%20"); DistrPLZ = DistrPLZ.replace(/ /gi, "%20"); DistrPhone = DistrPhone.replace(/ /gi, "%20"); DistrFax = DistrFax.replace(/ /gi, "%20"); DistrMail = DistrMail.replace(/ /gi, "%20"); DistrWWW = DistrWWW.replace(/ /gi, "%20"); DistrAddr = DistrAddr.replace(/ /gi, "%20"); nW = window.open("/a_allgemein/a_g_merkzettel/a_g_frames.html?contentFrame= /a_allgemein/a_g_merkzettel/a_g_merkzettel.jsp?ACTION%3DSETDISTRIBUTOR %26DistrFirm%3D"+DistrFirm+"%26DistrName%3D"+DistrName+"%26DistrAddr%3 d"+DistrAddr+"%26DistrPLZ%3d"+DistrPLZ+"%26DistrOrt%3d"+DistrOrt+"%26D istrPhone%3d"+DistrPhone+"%26DistrFax%3d"+DistrFax+"%26DistrMail%3d"+D istrMail+"%26DistrWWW%3d"+DistrWWW,"Merkzettel", Please decide yourself if there is to open new bugzilla bug (since the Summary field should be changed).
This looks like a duplicate of bug 61269 to me...
resolving duplicate. Please reopen if you disagree.... *** This bug has been marked as a duplicate of 61269 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
No, I don't think it's a dup, although the url looks good with the patch from bug 61269 applied. The only reason %20 is converted to %25%20 I can think of is that the string is escaped with the esc_Forced mask which would result in such a conversion. I have no idea where this happens in the process, but that seems to be the problem. Reopening, it is wrong to again escape already escaped strings. Having fixed bug 61269 will only cure a symptom but not the real problem.
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
->parser
Assignee: asa → harishd
Status: UNCONFIRMED → NEW
Component: Browser-General → Parser
Ever confirmed: true
QA Contact: doronr → bsharma
Can someone please provide me with a good testcase?
Priority: -- → P3
Target Milestone: --- → mozilla0.9.9
Mass moving to 1.1.
Target Milestone: mozilla0.9.9 → mozilla1.1
[was 1.1alpha]
Target Milestone: mozilla1.1alpha → Future
What does thsi have to do with the parser? Asa's on crack... we parse things in more places than the parser, dammit. In any case, is this still an issue? We definitely don't esc_Forced in window.open(), though we may have in the past...
Assignee: harishd → general
Component: HTML: Parser → Browser-General
QA Contact: bsharma → general
In any case the page is long gone ...
Product: Browser → Seamonkey
(In reply to comment #11) > In any case the page is long gone ... -> invalid
Status: NEW → RESOLVED
Closed: 23 years ago19 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.