Page MenuHomePhabricator

Apostrophes in URL titles causing problems
Open, Needs TriagePublic


Some codes have been created using a pasted URL with urlencoding (e.g. ' was pasted as %27). This has caused problems because the QR Code encodes the url further rendering it as %2527.

I temporarily fixed the problem by removing one urlencoding step in the forwarder code.

However, this needs fixing long term.

I suggest that interface needs to silently convert any encoded urls into their un-encoded variant. And we need some sanity checking in the forwarder code to handle edge cases.

Version: unspecified
Severity: normal



Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 3:09 AM
bzimport added a project: QRpedia-General.
bzimport set Reference to bz60526.
ErrantX created this task.Jan 28 2014, 12:24 PM

Thank you for opening that bug Tom.

IMO, the best approach is, as far as possible, to not modify (urldecode/urlencode) anything and take the "title" as it is.

The problem is with the already existing QR codes, a few of them have double encoded urls. Is that what you mean with edge cases? If yes, I don't see any rigorous way to detect them.

We do have to urlencode some things, because that is a requirements of the QR code. So we have no route around that.

Yes some of the current codes have double encoded urls; the hack I implemented fixes them. What was happening was the nginx server was decoding the first encoding (as it was supposed to). What the code then does is urlencode the request before forwarding it. So we were re-inserting the double encoding! Ooops :)

However, removing that last encoding step shouldn't be a long term solution. We do need to encode the url to make sure it is definitely compatible in the widest possible uses!

Also we need to be able to handle other server setups, in the case that QRpedia gets deployed somewhere else.

We may need to create a number of test cases to see how this works and how to handle them.

And we definitely need to consider sanity checking on the front end code generation interface.

I have fixed the problem on GIT master branch by:

  • Detecting on qrpedia if the given url is URLencoded and avoiding double encoding.
  • Avoiding to urlencode HTTP "Location" header value on qrwp. Doing like this allows to be backward compatible with double urlencoded values.
Aklapper reopened this task as Open.May 25 2018, 5:57 PM
Aklapper removed Kelson as the assignee of this task.Aug 31 2018, 11:21 AM
Aklapper added a subscriber: Kelson.
Dzahn added a subscriber: Dzahn.Nov 15 2019, 2:01 AM

duplicate of T210050?