Apache2::URI::unescape_url

I'm rather surprised at what I'm seeing, but it appears this method
(Apache2::URI::unescape_url) is not correctly updating the length scalar
variable. Any thoughts? -Ryan

Output from the below response handler snippet:

Before: 'http%3A%2F%2Fexample.com'
After : 'http://example.com^@e.com'

Alternate output (when url encoding the result):

Before: 'http%3A%2F%2Fexample.com'
After : 'http://example.com%00e.com/

--8<--------------------------------------------

package Apache2::Test::T1;
use strict;
use Apache2::URI;

sub handler {
my $r = shift;
$r->content_type('text/plain');
my $url = 'http%3A%2F%2Fexample.com';
$r->print(sprintf("Before: '%s'\n", $url));
Apache2::URI::unescape_url($url);
$r->print(sprintf("After : '%s'\n", $url));
Apache2::Const::OK;
}

1;

-------------------------------------------->8--

Re: Apache2::URI::unescape_url

Ryan Gies wrote:
> I'm rather surprised at what I'm seeing, but it appears this method
> (Apache2::URI::unescape_url) is not correctly updating the length scalar
> variable. Any thoughts? -Ryan
>
> Output from the below response handler snippet:
>
> Before: 'http%3A%2F%2Fexample.com'
> After : 'http://example.com^@e.com'
>
> Alternate output (when url encoding the result):
>
> Before: 'http%3A%2F%2Fexample.com'
> After : 'http://example.com%00e.com/
>

That's pretty weird. If you modify it to be:

$url = Apache2::URI::unescape_url($url);

then it works ok, though according to the docs on perl.apache.org it's
not supposed to have a return value.

Adam

> --8<--------------------------------------------
>
> package Apache2::Test::T1;
> use strict;
> use Apache2::URI;
>
> sub handler {
> my $r = shift;
> $r->content_type('text/plain');
> my $url = 'http%3A%2F%2Fexample.com';
> $r->print(sprintf("Before: '%s'\n", $url));
> Apache2::URI::unescape_url($url);
> $r->print(sprintf("After : '%s'\n", $url));
> Apache2::Const::OK;
> }
>
> 1;
>
> -------------------------------------------->8--

Re: Apache2::URI::unescape_url

On Thu, May 7, 2009 at 1:39 PM, Adam Prime wrote:
> Ryan Gies wrote:
>>
>> I'm rather surprised at what I'm seeing, but it appears this method
>> (Apache2::URI::unescape_url) is not correctly updating the length scalar
>> variable. =A0Any thoughts? -Ryan
>>
>> Output from the below response handler snippet:
>>
>> =A0Before: 'http%3A%2F%2Fexample.com'
>> =A0After : 'http://example.com^@e.com'
>>
>> Alternate output (when url encoding the result):
>>
>> =A0Before: 'http%3A%2F%2Fexample.com'
>> =A0After : 'http://example.com%00e.com/
>>
>
> That's pretty weird. =A0If you modify it to be:
>
> $url =3D Apache2::URI::unescape_url($url);
>
> then it works ok, though according to the docs on perl.apache.org it's no=
t
> supposed to have a return value.

I've got unescape_url a couple places in my code and it is being used
according to the docs.

I'll add this as a test case and see if I can replicate it.


>
> Adam
>
>> --8<--------------------------------------------
>>
>> package Apache2::Test::T1;
>> use strict;
>> use Apache2::URI;
>>
>> sub handler {
>> =A0my $r =3D shift;
>> =A0$r->content_type('text/plain');
>> =A0my $url =3D 'http%3A%2F%2Fexample.com';
>> =A0$r->print(sprintf("Before: '%s'\n", $url));
>> =A0Apache2::URI::unescape_url($url);
>> =A0$r->print(sprintf("After : '%s'\n", $url));
>> =A0Apache2::Const::OK;
>> }
>>
>> 1;
>>
>> -------------------------------------------->8--
>
>

Re: Apache2::URI::unescape_url

On Thu, 7 May 2009 14:29:18 -0700
Fred wrote:

> > That's pretty weird.  If you modify it to be:
> >
> > $url =3D Apache2::URI::unescape_url($url);
> >
> > then it works ok, though according to the docs on perl.apache.org
> > it's not supposed to have a return value.

Just curious Adam, does that mean you were able to reproduce it?

> I've got unescape_url a couple places in my code and it is being used
> according to the docs.
>=20
> I'll add this as a test case and see if I can replicate it.

Right-on, if there's anything more I can get to you, please let me know.

1) I am running with libapreq2, however I do not believe it interferes.
2) Apache::Util::unescape_uri is addressed to this method in
Apache2::compat.

Re: Apache2::URI::unescape_url

Ryan Gies wrote:
> On Thu, 7 May 2009 14:29:18 -0700
> Fred wrote:
>
>>> That's pretty weird. If you modify it to be:
>>>
>>> $url = Apache2::URI::unescape_url($url);
>>>
>>> then it works ok, though according to the docs on perl.apache.org
>>> it's not supposed to have a return value.
>
> Just curious Adam, does that mean you were able to reproduce it?

Yes, i was able to reproduce it.

Adam