Re: Forms/CGI urls: '&' in HREF attributes

Jim Seidman (jim@spyglass.com)
Fri, 10 Feb 95 12:02:18 EST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Gavin Nicol: "Re: SGML/MIME charsets, ERCS/Unicode [was: New DTD (final version?) ]"
Previous message: Gavin Nicol: "Re: Forms/CGI urls: '&' in HREF attributes"
Maybe in reply to: Daniel W. Connolly: "Forms/CGI urls: '&' in HREF attributes"
Next in thread: Larry Masinter: "Re: Forms/CGI urls: '&' in HREF attributes"

Excuse my ignorance, but has any working group claimed responsibility for
the x-www-urlencoded MIME type? Has anyone written an I-D trying to specify
the contents?

In any case, I agree wholeheartedly that the separator character should be
something other than '&'. I like the choice of ';' because it's specified
as a reserved character in RFC 1738.

Your example points out a more serious issue. RFC 1738 specifies '&' as a
valid character in several different contexts (username, password, path,
etc.), and section 2.2 doesn't specify it as an "unsafe character" which
must be encoded. Given that an increasing number of browsers (including our
2.0 releases of Enhanced Mosaic) process entities inside attribute value
literals, this will become an increasingly severe problem.

--
Jim Seidman, Senior Software Engineer, Spyglass Inc.

Next message: Gavin Nicol: "Re: SGML/MIME charsets, ERCS/Unicode [was: New DTD (final version?) ]"
Previous message: Gavin Nicol: "Re: Forms/CGI urls: '&' in HREF attributes"
Maybe in reply to: Daniel W. Connolly: "Forms/CGI urls: '&' in HREF attributes"
Next in thread: Larry Masinter: "Re: Forms/CGI urls: '&' in HREF attributes"