On Wed, 2022-06-22 at 16:48 +0000, Eliot Kimber wrote: > I’m trying to replicate a call to a remote REST API that uses hmac > encoding to construct an authentication string. I’m working from > existing Python code that does the same thing. > > What I’m seeing is that the crypto:hmac() function can return Base64 > strings that include characters that must be escaped in URIs, i.e.: > > mTA76dRZkiCf84WUKM/PWySydamj3dMZ6Tm26s9QGNI > > (Note the “/”)
I think that / does not need to be escaped in a URI as otherwise things like amazon.com/freestuff/books wouldn't be allowed. You do need to escape = however, as it is used to represent a space, and you MAY need to escape / depending on the receiving end. replace($uri, '[+]', '%2B') would presumably be sufficient for plus, and 2F for / if you need that escaped too. liam -- Liam Quin, https://www.delightfulcomputing.com/ Available for XML/Document/Information Architecture/XSLT/ XSL/XQuery/Web/Text Processing/A11Y training, work & consulting. Barefoot Web-slave, antique illustrations: http://www.fromoldbooks.org