Comments (5)
What makes you think these need to be escaped? They are not ambiguous, as they are not part of the target. See rfc3986:
https://datatracker.ietf.org/doc/html/rfc3986#section-3.4
query = *( pchar / "/" / "?" )
The characters slash ("/") and question mark ("?") may represent data
within the query component.
The RFC even explicitly states that it is better not to escape them:
However, as query components
are often used to carry identifying information in the form of
"key=value" pairs and one frequently used value is a reference to
another URI, it is sometimes better for usability to avoid percent-
encoding those characters.
from url.
To complement the answer, the only possible component after the query is a fragment. So the only delimiter after the query is a #
. That's why ?
and /
are allowed in the query.
from url.
@vinniefalco ok makes sense. I was going off this link:
https://en.m.wikipedia.org/wiki/Percent-encoding
additionally, the AWS S3 rest API requires it:
https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
from url.
Yes. Unreserved Characters can be used in any component, although individual components can allow more than the unreserved set. For instance:
$> node
new URL('http://www.example.com/a/s/b?f=g/s')
URL {
href: 'http://www.example.com/a/s/b?f=g/s',
origin: 'http://www.example.com',
protocol: 'http:',
username: '',
password: '',
host: 'www.example.com',
hostname: 'www.example.com',
port: '',
pathname: '/a/s/b',
search: '?f=g/s', // <--------
searchParams: URLSearchParams { 'f' => 'g/s' },
hash: ''
}
Whoever wrote the AWS tutorial got that wrong if it's meant as a requirement. I'd be surprised if the server rejects a request because a "/" in the query is unencoded.
from url.
@vinniefalco its not that the AWS server rejects explicitly if slashes aren’t escaped but the issue is that the authorization signature is calculated based on what they call uri-encoded query params. So if we don’t escape the slash when calculating the signature, their signature won’t match and then they reject.
Anyway, topic for another forum. Thanks for the help
from url.
Related Issues (20)
- Boost.URL as subproject should not automatically add dependencies
- Boost CMake testing procedure doesn't work for URL
- Reconfiguring with BUILD_TESTING=OFF doesn't disable tests
- `boost::urls::resolve` gives wrong result when there are more `..`s in relative reference HOT 6
- sanitize_uri moves host to path
- docs build tmp files HOT 4
- UB Sanitizer implicit-integer-sign-change warning in boost::urls::grammar::detail::find_if_not_pred HOT 6
- Missing coverage
- Source files should not include header guards
- coverage job is generating an empty file
- detail symbol in reference
- Missing codecov token in GHA
- Improve coverage
- When compiling the boost.url libs comes the errors HOT 3
- Exclude tests from Antora compile commands
- craypp crash compiling segments_view.cpp HOT 1
- Test libraries and executables should be declared EXCLUDE_FROM_ALL
- Fix security vulnerabilities detected in Antora docs HOT 1
- Fix urls::errc reference
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from url.