> To make it very clear: URL escaping is *not* intended to make an URL > safe for passing through the shell -- and it can't be (mis)used for this > purpose in a generic fashion. Characters like '&' or '#' would have to > be escaped for the shell, but that would break the URL. There is no way > to safely pass a URL through the shell without applying some shell > quoting.
I'd also consider that Gnash uses the URL::encode function both for actionscript URL escaping (there is a method _global.escape() that's also called from various other Flash API functions) on the one hand, and for genuine external URL escaping on the other. It's certainly not correct for ActionScript (see testsuite/swfdec escaping tests), and it seems it's also not very useful for our own purposes. Most likely it would be better to split this into two functions: one that does what's required for actionscript (which bears no relation to any standard way of escaping), leaving us free to design a sensible second one that can escape URLs without changing the protocol. bwy -- -- The current release of Gnash is 0.8.8 http://www.gnu.org/software/gnash/ Benjamin Wolsey, Software Developer - http://benjaminwolsey.de C++ and Open-Source Flash blog - http://www.benjaminwolsey.de/bwysblog xmpp:[email protected] http://identi.ca/bwy
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gnash-dev mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnash-dev
