diff --git a/scheme/httpd/info-gateway.scm b/scheme/httpd/info-gateway.scm index 4409ce4..278dd00 100644 --- a/scheme/httpd/info-gateway.scm +++ b/scheme/httpd/info-gateway.scm @@ -117,7 +117,7 @@ ((list? parse-info) ; it's an info path (lambda (url) (values parse-info - (unescape-uri (http-url-query url))))) + (unescape (http-url-query url))))) (else (let ((info-path ((infix-splitter ":") @@ -128,7 +128,7 @@ ""))))) (lambda (url) (values info-path - (unescape-uri (http-url-query url)))))))) + (unescape (http-url-query url)))))))) (make-reference (cond ((procedure? reference) reference) @@ -245,7 +245,7 @@ (let ((file (or node-file file))) (with-tag out a ((href (make-reference old-entry - (escape-uri (unparse-node-name file node))))) + (escape-not-unreserved-chars (unparse-node-name file node))))) (if (and (not (null? maybe-icon)) (car maybe-icon)) (display-icon (car maybe-icon) (cadr maybe-icon) out)) diff --git a/scheme/httpd/rman-gateway.scm b/scheme/httpd/rman-gateway.scm index 9973b54..395b658 100644 --- a/scheme/httpd/rman-gateway.scm +++ b/scheme/httpd/rman-gateway.scm @@ -20,7 +20,7 @@ ((list? finder) (lambda (url) (values finder - (unescape-uri (http-url-query url)) + (unescape (http-url-query url)) '()))) (else (let ((man-path @@ -32,7 +32,7 @@ ""))))) (lambda (url) (values man-path - (unescape-uri (http-url-query url)) + (unescape (http-url-query url)) '())))))) (reference-template (cond diff --git a/scheme/httpd/surflets/packages.scm b/scheme/httpd/surflets/packages.scm index 13d2222..5c6acf8 100644 --- a/scheme/httpd/surflets/packages.scm +++ b/scheme/httpd/surflets/packages.scm @@ -443,6 +443,7 @@ shift-reset ;SHIFT and RESET (subset srfi-1 (alist-cons alist-delete!)) srfi-6 ;string-ports + (subset srfi-13 (string-join)) srfi-14 ;CHAR-SET:DIGIT srfi-27 ;random numbers surflet-requests ;requests for surflets @@ -626,7 +627,6 @@ (define-structure surflets/addresses surflets/addresses-interface (open scheme srfi-23 ;error - (subset uri (escape-uri)) define-record-types (subset surflets/utilities (generate-unique-name))) (files addresses)) @@ -644,7 +644,7 @@ (open scheme surflets/input-field-value surflets/addresses - (subset uri (unescape-uri))) + (subset uri (unescape))) (files returned-via)) (define-structure surflets/outdaters surflets/outdaters-interface diff --git a/scheme/lib/parse-forms.scm b/scheme/lib/parse-forms.scm index 6f8a441..ac173d6 100644 --- a/scheme/lib/parse-forms.scm +++ b/scheme/lib/parse-forms.scm @@ -12,12 +12,12 @@ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;; The form's field data are turned into a single string, of the form ;;; name=val&name=val -;;; where the and parts are URI encoded to hide their -;;; &, =, and + chars, among other things. After URI encoding, the -;;; space chars are converted to + chars, just for fun. It is important -;;; to encode the spaces this way, because the perfectly general %xx escape -;;; mechanism might be insufficiently confusing. This variant encoding is -;;; called "form-url encoding." +;;; where the and parts are URI encoded to hide their &, +;;; =, and + chars and other reserves or excluded characters. After +;;; URI encoding, the space chars are converted to + chars, just for +;;; fun. It is important to encode the spaces this way, because the +;;; perfectly general %xx escape mechanism might be insufficiently +;;; confusing. This variant encoding is called "form-url encoding." ;;; ;;; If the form's method is POST, ;;; Browser sends the form's field data in the entity block, e.g., @@ -32,6 +32,7 @@ ;;; ;;; In either case, the data is "form-url encoded" (as described above). + (define (parse-html-form-query q) (let ((qlen (string-length q))) (let recur ((i 0)) @@ -46,11 +47,11 @@ (else '()))))) ; BOGUS STRING -- Issue a warning. -;;; Map plus characters to spaces, then do URI decoding. +;;; Map plus characters to spaces, then unescape. (define (unescape-uri+ s . maybe-start/end) (let-optionals maybe-start/end ((start 0) (end (string-length s))) - (unescape-uri (string-map (lambda (c) (if (char=? c #\+) #\space c)) + (unescape (string-map (lambda (c) (if (char=? c #\+) #\space c)) (if (and (zero? start) (= end (string-length s))) s ; Gratuitous optimisation. diff --git a/scheme/packages.scm b/scheme/packages.scm index 0f332d4..2e2c16e 100644 --- a/scheme/packages.scm +++ b/scheme/packages.scm @@ -56,7 +56,8 @@ escape)) (define-interface url-interface - (export escaped + (export escape-not-unreserved-chars + escaped http-url? http-url-host @@ -458,9 +459,9 @@ (define-structure uri uri-interface (open scheme-with-scsh + (subset url (escaped)) ascii - bitwise - (subset url (escaped))) + bitwise) (files (lib uri))) (define-structure url url-interface @@ -630,7 +631,6 @@ rfc822 handle ; ignore-errors conditions ; condition-stuff - uri url format-net rate-limit ; rate-limiting stuff @@ -684,8 +684,7 @@ i/o ; make-null-output-port locks receiving - uri ; uri-path->uri - url ; http-url-path + url ; http-url-path, http-url-path->path-string httpd-requests ; request record httpd-responses formats @@ -759,7 +758,6 @@ httpd-requests ; v0.9-request httpd-responses httpd-logging ; http-log - uri ; UNESCAPE-URI htmlout ; Formatted HTML output pp (subset srfi-13 (string-skip)) @@ -807,7 +805,7 @@ (define-structure httpd-cgi-handlers httpd-cgi-handlers-interface (open scheme-with-scsh (subset srfi-1 (alist-delete)) - (subset srfi-13 (string-prefix? string-index string-trim substring/shared)) + (subset srfi-13 (string-prefix? string-index string-trim substring/shared string-join)) rfc822 crlf-io ; WRITE-CRLF uri