[Spice-devel] [spice-gtk] Unescape SpiceSession::uri component by component
Hans de Goede
hdegoede at redhat.com
Thu Sep 20 06:44:44 PDT 2012
Hi,
On 09/20/2012 12:34 PM, Christophe Fergeau wrote:
> On Thu, Sep 20, 2012 at 12:03:12PM +0200, Hans de Goede wrote:
>> Hi,
>>
>> On 09/20/2012 11:53 AM, Christophe Fergeau wrote:
>>> Unescaping the whole URI and then parsing it is dangerous as
>>> the unescaping may (for example) add some extra '/' in the URI
>>> which are not part of a path. It's better to do the unescaping later
>>> once the URI has been split in separate components.
>>> This commit unescapes the path, host and query values. Handling escaped
>>> query values is important for usernames/passwords which might contain
>>> chars which are invalid in URIs.
>>> If the host is enclosed in [], it's intentionally not escaped as this
>>> contains an ipv6 URI, and may contain a %zone_id (see RFC4007). This is
>>> consistent with libvirt/libxml2 behaviour, not with what gvfs does.
>>
>> You declare, set, and free an unescaped_path variable, but you don't
>> seem to use it anywhere ?
>
> Yes, 'path' is parsed but unused:
> /* Break up the URI into its various parts, scheme, authority,
> * path (ignored)
>
> Since it's already parsed and unused, I've unescaped too in case it becomes
> used one day. I'm fine with dropping this bit from the patch.
Ah, I see. Well this is not performance critical, and path does ever become
used it is good to have the unescaped version available, so ack as is.
Regards,
Hans
More information about the Spice-devel
mailing list