having a quick look at the implementation [1] it looks for me that the sling post servlet should encode the URI before passing it into the URI class. the URI class is only used as a validation, it's result is not used for anything. the URL itself is encoded later in [2] before doing the redirect. but the code fails already on [1] wrongly assuming the passed in URL is always safe to parse without encoding. if it is not but handed in encoded, it's encoded twice.
so it definitely looks like a bug for me - there are also unit tests missing for redirect URLs that need escaping. can you create a SLING bug ticket for this? (and optionally come up with a PR?) stefan [1] https://github.com/apache/sling-org-apache-sling-servlets-post/blob/271cd07466fc3c82dbbc9500c16af28a3ed9b9d1/src/main/java/org/apache/sling/servlets/post/impl/SlingPostServlet.java#L446-L449 [2] https://github.com/apache/sling-org-apache-sling-servlets-post/blob/271cd07466fc3c82dbbc9500c16af28a3ed9b9d1/src/main/java/org/apache/sling/servlets/post/impl/SlingPostServlet.java#L341-L364 > -----Original Message----- > From: Dirk Tschentscher <[email protected]> > Sent: Monday, March 23, 2026 1:57 PM > To: [email protected] > Subject: PostServlet with space in :redirect > > > Hi, > I update data via PostSevlet and replace the markup fragment with the > changes. > Therefore I send ':redirect=/content/new.html' with the post. > > However, I have content paths with spaces, legacy reasons... > Either I have a ' ' in there -> URISyntaxException: Illegal character > in path at index ... > SlingPostServlet.getRedirectUrl(SlingPostServlet.java:449) > [org.apache.sling.servlets.post:3.0.0] > Or I encode it as %20, but then I'm getting %20 encoded again as %2520 > in location header: > curl -i -Ftitle="my redirect" -F:redirect="/content/new/my%20space.json" > http://admin:admin@localhost:8080/new/content/my%20space > <https://deref- > gmx.net/mail/client/xw2ssnB_Puc/dereferrer/?redirectUrl=http%3A%2F%2Fadmin > %3Aadmin%40localhost%3A8080%2Fnew%2Fcontent%2Fmy%2520space> > Location: http://localhost:8080/new/my%2520space.json > <https://deref- > gmx.net/mail/client/eXyUR_vZ1oA/dereferrer/?redirectUrl=http%3A%2F%2Flocal > host%3A8080%2Fnew%2Fmy%252520space.json> > --> "Error 400 Ambiguous URI path encoding" > Am I missing something? > -- > Dirk
