#8444 closed Bug (invalid)
FF - <a> tag href incorrectly encoded
Reported by: | Lynne Kues | Owned by: | |
---|---|---|---|
Priority: | Normal | Milestone: | |
Component: | General | Version: | 3.0 |
Keywords: | IBM Firefox | Cc: |
Description
Run the attached code example. Click the "Test" button on the toolbar. Go to the source view. Notice that the "!" character is incorrectly encoded. Expected result is that the "!" character is not encoded, thus allowing navigation to the href to occur.
Attachments (1)
Change History (5)
Changed 13 years ago by
Attachment: | url-encoding.html added |
---|
comment:1 Changed 13 years ago by
Summary: | FF - a tag href incorrectly encoded → FF - <a> tag href incorrectly encoded |
---|
comment:2 Changed 13 years ago by
Keywords: | Firefox added |
---|---|
Status: | new → confirmed |
Version: | 3.4.2 → 3.0 |
comment:3 Changed 13 years ago by
Resolution: | → invalid |
---|---|
Status: | confirmed → closed |
I've just completed a extensive research about this issue.
The first point: the browser automatically encodes "!". To prove it, just create a page with the following code:
<!DOCTYPE html> <html> <head> <script> window.onload = function() { alert( document.body.innerHTML ); }; </script> </head> <body> <p><a href="alm://caliberrm!WL028197_20000_101/283;ns=requirement">t</a></p> </body> </html>
Then we have this fragment of the URI specs:
2.3. Unreserved Characters Data characters that are allowed in a URI but do not have a reserved purpose are called unreserved. These include upper and lower case letters, decimal digits, and a limited set of punctuation marks and symbols. unreserved = alphanum | mark mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")" Unreserved characters can be escaped without changing the semantics of the URI, but this should not be done unless the URI is being used in a context that does not allow the unescaped character to appear.
So "!" is considered a "Unreserved Characters". For some reason, the browser consider it as something that needs to be escaped on that context, but the import information here is that "Unreserved characters can be escaped without changing the semantics of the URI".
This means that if the URL has "!" escaped or not, doesn't make any difference. The browser will always see it as "!".
In fact, unlike stated by the reporter, browsers will properly navigate to the correct URL if "!" is escaped. This invalidates the ticket, considering that this is the reporter requirement.
comment:4 Changed 13 years ago by
Further information on this.
I've confirmed that this issue happens just when doing custom manipulation of the editor DOM, just like the reported TC does.
If instead the link is injected through editor.setData() or editor.insertHtml(), then no escaping happens because the editor preserves the original URL.
I have managed to reproduce it from CKEditor 3.0