Use of backslash in userinfo
midicase opened this issue · comments
I have someone insisting to use a baskslash() in userinfo, like http://foo\bar:pass@host. uriParser fails to parse, as I would expect. After rechecking, I'm having a hard time understanding RFC3986's intent of handling backslash.
As far I can tell the character is completely forbidden and there no way to escape?
Edit:
Actually the backslash is in the query string, but still should apply also.
Hi @midicase,
uriparser is stricly RFC3986 compliant. The "escaping mechanism" of URI is percent encoding —— where allowed — e.g. %41
will end up as A
— uppercase "A" — after unescaping. Without a proper check, I'd expect %5c
to be a backslash:
In [4]: hex(ord('\\'))
Out[4]: '0x5c'
Does that fully answer your question?
Are you suggesting to escape the URI before parsing? Not sure that works. The problem is a user wants to use
scheme://foo\bob:pass@host
The userinfo section apparently comes from windows authentication system (DOMAIN\user). But I am pretty there is not any way to deal with it except to parse out the userinfo manually before handing off to uriparser.
I would suggest to use scheme://foo%5cbob:pass@host
for a URI, parse it, split user info at ":", unescape both parts.
Thanks, that is a good idea.