Bug 135263

Summary: [testcase] Extraneous harmful encoding of Javascript-escaped Unicode strings
Product: [Applications] konqueror Reporter: Rémi Denis-Courmont <remi>
Component: khtml ecmaAssignee: Konqueror Developers <konq-bugs>
Status: VERIFIED WORKSFORME    
Severity: normal CC: finex, maksim
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Debian testing   
OS: Linux   
Latest Commit: Version Fixed In:

Description Rémi Denis-Courmont 2006-10-07 21:14:31 UTC 
Version:           3.5.5 (using KDE KDE 3.5.5)
Installed from:    Debian testing/unstable Packages
Compiler:          GCC 4.1 Debian 
OS:                Linux

When faced with characters outside the scope of ISO-8859-1, Javascript function escape will properly use the %uXXXX format (where XXXX is the hexadecimal notation for the Unicode code point). This is correct.

Unfortunately, when Konqueror actually tries to access an URL with such an encoded string as a parameter, it will replace %uXXXX with %25uXXXX. Therefore, the server will merely decode '%25' to '%' and will leave 'uXXXX' as is. This is incorrect.

Konqueror must not escape '%uXXXX' characters sequences manually when these are found in a requested URL. Firefox has a correct behavior here.

This is also Debian bug #359784.

As an example: http://www.remlab.net/tmp/

In Mozilla, clicking "Click here" yields the original message back. Konqueror, mangles it.


Solution: in whatever function decides whether or not some part of the URL shall be URL-encoded or not, please do conside '%uXXXX' for encoding, and pass it unchanged instead.
Comment 1 FiNeX 2008-05-20 20:20:01 UTC 
Confirmed on 3.5.9 and KDE 4 (trunk)
Comment 2 Maksim Orlovich 2009-02-27 18:11:59 UTC 
Looks fine these days..
Comment 3 Rémi Denis-Courmont 2009-02-28 15:43:26 UTC 
I still have the problem with Konqueror from KDE 3.5.9. I'll check 4.2 on monday.
Comment 4 Rémi Denis-Courmont 2009-03-05 16:46:27 UTC 
Yeah, it works with Konqueror 4.2