loadURL does not escape + (plus) character in URL

[rdewit]

Not sure if it really is a bug, but the javascript function escape() that is called to URL encode the URL that will be passed to Ajax.Request does not escape the plus character. Some GET requests have a parameter like: ...&format=application/kml+xml&...

These requests will fail and (in my case) get an error back from the server.

Something like this will help it (Ajax.js, line 63):

uri = OpenLayers.ProxyHost + escape(uri.replace(/\+/, "%2B"));

Is that the way to go?

Btw: can we add 'Ajax' to the list of components?

[euzuro]

'Ajax' added as new component. Good one, rdewit. :-)

[crschmidt]

I don't think this is a bug. "+" is allowed to be in URLs. Can you give an example URL which fails with a '+' in it? If you're using proxy.cgi, it's possible that proxy.cgi is broken.

[rdewit]

2 URLs. This first one has a + in it (in Format=application/kml+xml). The other one is exactly the same, but with another format.

 URL with a +

 same URL without a +

[crschmidt]

I get the same content from both of these in firefox and curl. Can you explain what the problem is, exactly? (Why does "+" need to be escaped when it's not here?)

[crschmidt]

Talked on IRC: This is a misbehavior in proxy.cgi, not OpenLayers.Ajax, we think. Proxy.cgi parses the string, turns the "+" into a " ", then re-encodes it as "%20" When talking to the server.

Escaping the "+" will 'fix' the problem, but that's a workaround for a bug, I believe.

[rdewit]

What about this patch? If the the method is a GET one, replace the + in the url to be a %2B.

[tschaub]

The problem is the use of escape (in JavaScript). We should never use escape and should always use either encodeURI or encodeURIComponent (depending on what is being encoded).

 http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Guide:Predefined_Functions:escape_and_unescape_Functions

[crschmidt]

Tim:

Neither escape nor encodeURI escape the "+" character that is causing rdewit problems. Although I'm willing to accept that we're using the wrong thing, can you explain to me what part of that solves this problem?

[crschmidt]

encodeURIComponent should be called on the part we put in url.

[crschmidt]

This change should be in Ol.LoadURL, btw.

[pspencer]

Works for me!

[crschmidt]

(In [5865]) loadURL does not escape + (plus) character in proxied URL. Thanks to rdewit for following up on this, and to tschaub for reminding us of the right way to do things. r=pagameba (Closes #1262)

[tschaub]

Works? The spelling is encodeURIComponent.

[pspencer]

/me goes back to testing school ... I wonder where the patch did apply? Honestly, I did apply it and test it but now I look at what I ran and I don't see the patched code ...

[crschmidt]

Well, it's now got *real* tests, which I've just run in Opera, Safari, and Firefox, and committed as r5866 (under the "It's a stupid typo" rule), so I think this is okay now. Thanks for the catch, Tim, and sorry for the poor testing.

[pspencer]

opps. I was hoping to fix it first since I didn't catch it the first time through. please ignore patch.