Posted by Andy Hassall on 11/18/05 01:48

On 17 Nov 2005 11:16:24 -0800, "black francis" <cristian.melendez@gmail.com>
wrote:

>again, it's the browser the one who 'encodes' the url, not you.
>
>try-n-see:
><a href="example.php?var=one word"> turns into
>"example.php?var=one+word" in the address bar.

That's the browser (whichever one you're using) attempting to compensate for
your badly encoded URL. This is not behaviour you should rely on.

In fact I don't know what browser you're using, because IE, Firefox and Opera
attempt to correct the invalid URL by converting the space to %20, not +.

Putting that source through an HTML validator (HTML Tidy) produces:

line 1 column 1 - Warning: <a> escaping malformed URI reference

error: <...> escaping malformed URI reference
Cause:

An URI contains non-authorized characters. Or the quotes around the URI are not
closed.
Solution:

Correct the URI.
Samples:

error: <a> escaping malformed URI reference

BAD <a href="http://www.mozilla.org/one space.html">space</a>
GOOD <a href="http://www.mozilla.org/one%20space.html">space</a>
GOOD <a href="http://www.mozilla.org/one+space.html">space</a>

BAD <a href="http://www.w3c.org>w3c</a>
GOOD <a href="http://www.w3c.org">w3c</a>

For the first example, a space should not be contained in URL. (Even if it
works in all browsers...). This is described in detail in the RFC1738 (Look for
Unsafe)
References:

RFC2396 - Uniform Resource Identifiers (URI): Generic Syntax"
RFC1738 - Uniform Resource Locators
--
Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool

[Back to original message]