urlencoded path components in URLs getting urldecoded?


PJH

Feb 23, 2019, 12:19:59 PM
to Fat-Free Framework

Before I raise a potential bug on this, I want to make sure I'm not doing something silly, or impossible...

Source:

```
<?php
$f3 = require('fatfree/lib/base.php');

$f3->route('GET /' , function(){echo "root\n";});
$f3->route('GET /path' , function(){echo "path\n";});
$f3->route('GET /path/@id1' , function($f3){
    echo "One:".$f3->get('PARAMS.id1')."\n";
});
$f3->route('GET /path/@id1/@id2' , function($f3){
    echo "Two:".$f3->get('PARAMS.id1').",".$f3->get('PARAMS.id2')."\n";
});

$f3->run();
```

Execution:
```
$ curl http://f3/
root
$ curl http://f3/path
path
$ curl http://f3/path/first
One:first
$ curl http://f3/path/second
One:second
$ curl http://f3/path/first/second
Two:first,second
$ curl http://f3/path/only%2fone
Two:only,one
```

I'd expect, or at least prefer, that last to return

One:only%2fone

How do I get it to do that? If it's even possible...

I note a thread on Laravel where people have a similar problem - I presume this is something similar?:

Mark

Feb 23, 2019, 6:33:51 PM
to Fat-Free Framework
The URL spec considers http://f3/path/only%2fone and http://f3/path/only/one the same URL.

According to the URL Specification ( https://www.w3.org/Addressing/URL/url-spec.txt ),

"The same encoding method may be used for encoding characters whose use, although technically allowed in a URL, would be unwise due to problems of corruption by imperfect gateways or misrepresentation due to the use of variant character sets, or which would simply be awkward in a given environment. Because a % sign always indicates an encoded character, a URL may be made safer simply by encoding any characters considered unsafe"

Paul Herring

Feb 24, 2019, 6:33:50 AM
to Mark via Fat-Free Framework, Fat-Free Framework
On Sat, Feb 23, 2019 at 11:33 PM Mark via Fat-Free Framework <f3-framework+APn2wQejWP8h3J_cjk0...@googlegroups.com> wrote:
The URL spec considers http://f3/path/only%2fone and http://f3/path/only/one the same URL.


It doesn't. You even quote the bit that points this out:

"Because a % sign always indicates an encoded character, a URL may be made safer simply by encoding any characters considered unsafe"


2.1. Percent-Encoding

A percent-encoding mechanism is used to represent a data octet in a component when that octet's corresponding character is outside the allowed set or is being used as a delimiter of, or within, the component.


The reserved character /, for example, if used in the "path" component of a URI, has the special meaning of being a delimiter between path segments. If, according to a given URI scheme, / needs to be in a path segment, then the three characters %2F or %2f must be used in the segment instead of a raw /.





--
PJH

PJH

Feb 24, 2019, 3:39:57 PM
to Fat-Free Framework


On Saturday, February 23, 2019 at 5:19:59 PM UTC, PJH wrote:
<snip>

Given Mark's comments, did some more digging:

```
$ mkdir /var/www/f3/dir
$ echo "dir/path" >/var/www/f3/dir/path
$ echo "dir%2fpath" >/var/www/f3/dir%2fpath
$ curl http://f3/dir/path
dir/path
$ curl http://f3/dir%2fpath
dir/path
$ curl http://f3/dir%252fpath
dir%2fpath
```

So..

```
$ curl http://f3/path/first/second
Two:first,second
$ curl http://f3/path/first%2fsecond
Two:first,second
$ curl http://f3/path/first%252fsecond
One:first%2fsecond
```

It's my server (nginx) I need to look at, not F3.


I'll consider this closed here. Cheers Mark for the hint.

ikkez

Feb 24, 2019, 4:50:44 PM
to Fat-Free Framework
There is a related issue though: https://github.com/bcosca/fatfree-core/issues/216

PJH

Feb 24, 2019, 5:59:18 PM
to Fat-Free Framework


On Sunday, February 24, 2019 at 9:50:44 PM UTC, ikkez wrote:
There is a related issue though: https://github.com/bcosca/fatfree-core/issues/216


Looks a bit old :)

I ended up writing my own encode()/decode() that works around any percent-en/decoding going on in the server and/or F3 (depending on what eventually happens with #216.)


===

For context - for anyone interested:
- there's the concept of 'categories' in my site.
- So there's the route /category/@categoryName.
- Of course one such category, that I accidentally found while doing other stuff, was 'TV/Movies' which is where things started going awry...

===

Anyway - I've fixed it locally, for me.
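
Added example, not part of the thread and not PJH's actual code: it contrasts the two segment-parsing orders behind the curl results above (decode the path then split, versus split then decode each segment) and sketches one possible encode()/decode() pair for the /category/@categoryName route. The function names and the choice of unpadded base64url are assumptions made for this illustration; none of them are F3 APIs.

```php
<?php
// Added illustration; all function names are hypothetical, not part of F3.

// Decode the whole path, then split: %2f becomes a real separator,
// which is the behaviour the thread observed behind nginx.
function segmentsDecodeFirst(string $rawPath): array {
    return explode('/', trim(rawurldecode($rawPath), '/'));
}

// Split on literal '/', then decode each segment: %2f stays inside
// the segment, as RFC 3986 section 2.1 (quoted above) describes.
function segmentsSplitFirst(string $rawPath): array {
    return array_map('rawurldecode', explode('/', trim($rawPath, '/')));
}

// Assumed codec: unpadded base64url. Its output uses only [A-Za-z0-9_-],
// so percent-decoding in the server or the framework cannot alter it.
function encodeSegment(string $name): string {
    return rtrim(strtr(base64_encode($name), '+/', '-_'), '=');
}

function decodeSegment(string $slug): ?string {
    if (!preg_match('/^[A-Za-z0-9_-]+$/', $slug)) {
        return null; // reject anything outside the codec's alphabet
    }
    $b64 = strtr($slug, '-_', '+/');
    $b64 .= str_repeat('=', (4 - strlen($b64) % 4) % 4); // restore padding
    $raw = base64_decode($b64, true);
    // Require the canonical form so each category has exactly one URL.
    return ($raw !== false && encodeSegment($raw) === $slug) ? $raw : null;
}

// Paths taken from the curl sessions in the thread.
foreach (['/path/only%2fone', '/path/only%252fone'] as $p) {
    printf("%-20s decode-first: %d segments, split-first: %d segments\n",
        $p, count(segmentsDecodeFirst($p)), count(segmentsSplitFirst($p)));
}

// Category name from the thread, round-tripped through the codec.
$slug = encodeSegment('TV/Movies');
echo "/category/$slug -> ", decodeSegment($slug), "\n";

// A percent-encoded value is outside the alphabet and is rejected.
var_dump(decodeSegment('only%2fone'));
```

Because the slug is opaque, any access check or lookup keyed on the category has to run on the value returned by decodeSegment(), not on the raw URL segment.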