# sign is not escaped when uploading a file

[brondsem]

If I have a file with a pound sign # in it, it is not escaped when I upload it. Ticket #182 fixed most escaping issues, but using encodeURI() doesn't escape everything (e.g #). That's actually good since currently it's applied to the whole URI, and for characters like : and / we don't want those escaped in "​http://" for example. See ​http://xkr.us/articles/javascript/encode-compare/ which shows the different encode functions.

My suggestion would be to NOT encode anything in javascript. Rather, update all connectors to encode the file name (and/or url). In php, this would use the rawurlencode() function. Then that fully-encoded file name would be appended to the unencoded domain+directory.

[fredck]

Encoding it in the server side would make things too complex for us, and actually this is something that can be easily solved in the client side, also because the client code is responsible for returning the URL.

I'm attaching a patch for it.

[martinkou]

Looks good to me. Since for any URI, the '#' is used for selecting document fragments only, which is useless for our use case (selecting files). So any '#' appearing in the URI can be safely assumed to be part of the file name instead, and thus replacing with '%23' should be safe.

[fredck]

Fixed with [1692]. Click here for more info about our SVN system.