16 Nov
2015
16 Nov
'15
2:10 p.m.
From: Vincent At: 16.11.2015, 13:55
Yes, this part is what I have been missing.
Indeed, if you want to use entity references in the URL and them to be "tomcat
friendly", you need a different escape character in the URL, which means we are back
at proposal 2.
On 16 Nov 2015 at 13:50:52, Clemens Klein-Robbenhaar
(c.robbenhaar@espresto.com(mailto:c.robbenhaar@espresto.com)) wrote:
I do not like it much either; that is why I proposed to have it configureable, and only
contain the characters which are "absolutely necessary".
It could even be empty and people have to turn it on if they do not want to configure
their servlet containers properly.
From: Vincent: At 16.11.2015, 13:23
[...]
I didn't mean to say that with my proposal no URL Encoding or other escaping need to
happen at all, or no escaping in entity references.
Of course something like that will need to happen, unless one has a pretty long list of
"forbidden" stuff, which will not be user-friendly.
What I meant is that your proposal won’t help unless you also forbid those characters!
:)
On a personal note, I wouldn’t like to forbid characters in space or page names. We’ve
worked hard to not have to do this.
Personally I prefer a third option:
- disallow '/' and '\' in page names completely when creating / renaming
pages
- in the UI, if the user enters these characters to add (or rename), scrap them from the
page name, or replace then by '-' (they will still show up in the title)
and create a new page with the name without the slashes
- make this configureable, like 'xwiki.pagename.forbiddenchars=/\\'
and then people who are able to set up their servlet container to allow slashes can empty
that config variable.
This covers only a portion of all the use cases, unless you
also want to disable “.”, “:”, “@“, “^” characters in page names because if you don’t then
they’ll be escaped in serialized references which can surface in the URL (as shown by
http://jira.xwiki.org/browse/XWIKI-11528 and by the URL format I’m proposing for Zip URLs.
The reference URL scheme is also affected obviously, see
http://design.xwiki.org/xwiki/bin/view/Design/AlternateURLScheme). The only part
I tried to address is the problem that by default tomcat and apache's httpd do not
allow slashes - encoded or not - in the URL.
I am not sure why the other chars come in here now. If they get properly escaped /
unescaped they should not cause problems.
I think you missed the fact that these extra characters that I mentioned need to be
escaped when present in serialized references and the escape character in references is
“\” :)
Thanks
-Vincent
Cheers
Clemens