Bug 118413 - ftp login name should be URL encoded.
Summary: ftp login name should be URL encoded.
Status: RESOLVED FIXED
Alias: None
Product: konqueror
Classification: Unclassified
Component: general (show other bugs)
Version: unspecified
Platform: Mandriva RPMs Linux
: NOR normal (vote)
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords:
: 130158 133258 133700 (view as bug list)
Depends on:
Blocks:
 
Reported: 2005-12-15 23:59 UTC by Rob
Modified: 2011-06-15 01:58 UTC (History)
4 users (show)

See Also:
Latest Commit:
Version Fixed In: 4.6.5


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Rob 2005-12-15 23:59:32 UTC
Version:            (using KDE KDE 3.4.2)
Installed from:    Mandriva RPMs
Compiler:          automake? 
OS:                Linux

Since upgrading from MDK2005le with KDE 3.3 to MDK 2006 with 3.4:

Konqueror no long seems able to handle one-line ftp logins where the username contains an '@' symbol such as:

ftp://myname@site.net:password@ftp.site.net

or permutations such as

ftp://'myname@site.net'@ftp.site.net
ftp://"myname@site.net"@ftp.site.net
ftp://"myname\@site.net"@site.net

The addition of quotes has no effect.  This bug can be duplicated 100% on my system, the only responses being:

1. Konqueror attempts to append an http:// and try the URL as a webpage, with (obviously) no success

2. It loads this user's own '/' directory
Comment 1 Thiago Macieira 2005-12-16 02:59:30 UTC
%40
Comment 2 Tommi Tervo 2006-08-30 11:55:58 UTC
*** Bug 133258 has been marked as a duplicate of this bug. ***
Comment 3 Tommi Tervo 2006-09-07 12:37:02 UTC
I'll reopen this with more generic subject and I'll try to collect similar bugs under this BR.
Comment 4 Tommi Tervo 2006-09-07 12:37:23 UTC
*** Bug 130158 has been marked as a duplicate of this bug. ***
Comment 5 Tommi Tervo 2006-09-07 12:38:33 UTC
*** Bug 133258 has been marked as a duplicate of this bug. ***
Comment 6 Tommi Tervo 2006-09-07 12:39:00 UTC
*** Bug 133700 has been marked as a duplicate of this bug. ***
Comment 7 Anna 2006-09-10 05:26:39 UTC
I don't care about this! I'm sorry you're having this problem but I didn't 
create any of the programs you're having problems with.



Anna James




[bugs.kde.org quoted mail]

_________________________________________________________________
Call friends with PC-to-PC calling -- FREE   
http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline
Comment 8 Cyrill Helg 2006-10-09 13:47:04 UTC
This bug sucks even more because of the following. When I use the dialog to enter my details I can login but afterwards I get no write privileges. Thats very strange and I hope that this get fixed soon.

By the way the workaround for this is to use %40 in the username instead of @.
Comment 9 Juan Carlos Torres 2007-01-07 19:47:21 UTC
I cannot reproduce this bug in Kubuntu 6.10 using KDE 3.5.5. '@' is correctly parsed. URL's in the following format work:

ftp://username@www.domain.com
ftp://username:password@www.domain.com
Comment 10 Stefan Monov 2007-01-07 20:10:56 UTC
I cannot reproduce in KDE 3.5.5, openSUSE 10.2.
Comment 11 Stefan Monov 2007-01-07 20:17:40 UTC
Never mind the last two comments, we completely misunderstood the report.
Comment 12 David Faure 2007-10-16 21:09:22 UTC
The right way to write such a URL is to use %40 instead of the @ in the username.
Comment 13 Cyrill Helg 2008-06-04 23:00:56 UTC
I just don't agree sorry. An average user does not know about that.
Comment 14 David Faure 2008-06-05 01:21:27 UTC
An average user doesn't know about ftp://myname@site.net:password@ftp.site.net  either. He/she just enters the login/password in the login dialog... and that works, right?
Comment 15 Cyrill Helg 2008-06-05 11:28:47 UTC
David, don't get confused about the the wrong comment from Juan. The problem is not username:password, its just that username is username@domain[@server.com] something.

Comment 16 David Faure 2008-06-05 17:24:07 UTC
I don't think I'm confused here, in my comment I did give the case of a username like "myname@site.net". From a usability point of view, the best solution -is- the login dialog, not the parsing of weird urls (which is something that is standardized and nowadays implemented in Qt, and therefore quite difficult to change anyway).
But I think the real problem is that the login dialog doesn't come up when the site also accepts anonymous login. If it did, then the problem described here wouldn't happen, right? You would type the username in the login dialog, rather than in the location bar, and it would be properly encoded.
Comment 17 Cyrill Helg 2008-06-05 17:58:14 UTC
I'm not that sure but imho it did not even work from the dialog correctly!
Comment 18 David Faure 2010-10-15 22:49:06 UTC
I tested again with my customers.kdab.com ftp account, and a login with a '@' works fine with the authentication dialog.

(Note that if the ftp server also accepts anonymous access, the way to see the login dialog is to type a fake username, like ftp://a@customers.kdab.com, and then change the a in the login dialog. A bit of a workaround, especially since the URL keeps the "a" afterwards but I don't know how else we could do this - without adding yet another menu item).

On the other hand, creating a test@test user locally and trying to use sftp://a@localhost (and filling the dialog) fails, while sftp://test%40test@localhost works, I'm quite puzzled, because gdb says mUsername is correctly set to test@test and mPassword is correct (it has a @ too) and identical in both cases (with username in URL or with username typed in dialog)... Cc'ing Andreas Schneider on that one...
Comment 19 Dawit Alemayehu 2011-06-15 01:58:04 UTC
Git commit d1101e6dae09c73bbf319061fc229da936c4e4bf by Dawit Alemayehu.
Committed on 10/06/2011 at 22:17.
Pushed by adawit into branch 'KDE/4.6'.

- Removed the regular expression check for IP addresses since QUrl/KUrl now
  correctly parse almost all short url addresses.
- Create the remaining QRegExp checks once instead of on demand.
- Use KUser for username name and directory shortcuts, e.g. ~/, resolution.
- Percent-encoded extra '@' within a URL's username component (Workaround).
- Added unit tests for IPv6 URLs and escaping of '@' in usernames.

BUG: 69326
BUG: 118413
FIXED-IN: 4.6.5
REVIEW: 101576

M  +88   -112  kurifilter-plugins/shorturi/kshorturifilter.cpp     
M  +6    -3    kurifilter-plugins/shorturi/kshorturifilter.h     
M  +15   -4    kurifilter-plugins/tests/kurifiltertest.cpp     

http://commits.kde.org/kde-runtime/d1101e6dae09c73bbf319061fc229da936c4e4bf
Comment 20 Dawit Alemayehu 2011-06-15 01:58:38 UTC
Git commit c67daeb95eaf74928f1cf9dcc2980dd2fb135b4b by Dawit Alemayehu.
Committed on 10/06/2011 at 22:17.
Pushed by adawit into branch 'master'.

- Removed the regular expression check for IP addresses since QUrl/KUrl now
  correctly parse almost all short url addresses.
- Create the remaining QRegExp checks once instead of on demand.
- Use KUser for username name and directory shortcuts, e.g. ~/, resolution.
- Percent-encoded extra '@' within a URL's username component (Workaround).
- Added unit tests for IPv6 URLs and escaping of '@' in usernames.

BUG: 69326
BUG: 118413
FIXED-IN: 4.6.5
REVIEW: 101576

(cherry picked from commit d1101e6dae09c73bbf319061fc229da936c4e4bf)

M  +88   -112  kurifilter-plugins/shorturi/kshorturifilter.cpp     
M  +6    -3    kurifilter-plugins/shorturi/kshorturifilter.h     
M  +15   -4    kurifilter-plugins/tests/kurifiltertest.cpp     

http://commits.kde.org/kde-runtime/c67daeb95eaf74928f1cf9dcc2980dd2fb135b4b