httpd translates %xx and generates a false QUERY_STRING for cgi scripts.
Dirk Clemens
develop at cle-mens.de
Fri Sep 2 14:08:59 UTC 2005
The httpd translates %xx sequences in the query string into the
ascii representation. But this is bad, because a cgi programm must
distinguish between '&' and '%26' and other chars with special meanings.
Expample:
If you try http://my-server/cgi-bin/test?name=a%26b
the query string becomes name=a&b.
And this means, that we have two Parameters:
name=a
and
b (withaout value)
The correct interpretation is:
name=a%26b
The translation is normally done after the splitting of the
query string in the cgi programm.
Dirk Clemens
More information about the busybox
mailing list