Forum: Ruby on Rails URI.escape and pluses

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
carl (Guest)
on 2005-11-19 08:18
(Received via mailing list)
I called URI.escape on a CGI parameter to try to convert any possible
spaces in a user's query into pluses.  However, it converted them into
%20 instead.  Is there a different function that I should call that
will convert spaces into pluses, or should I just do a gsub on the
string before calling URI.escape?

Thanks,
Carl
Simon.Santoro (Guest)
on 2005-11-19 16:39
(Received via mailing list)
Carl Y. wrote:
> I called URI.escape on a CGI parameter to try to convert any possible
> spaces in a user's query into pluses.  However, it converted them into
> %20 instead.  Is there a different function that I should call that
> will convert spaces into pluses, or should I just do a gsub on the
> string before calling URI.escape?

Is there a special reason you want a + instead of %20? URI.escape works
really like expected: the space sign is %20 and the + sign should be
escaped to %2B.
carl (Guest)
on 2005-11-19 18:58
(Received via mailing list)
You know, everything seems to be working.  I just thought that space
was supposed to turn into pluses when it was encoded.  Sorry to add to
the list traffic.
kyle (Guest)
on 2005-11-20 00:45
(Received via mailing list)
Andrew H. (Guest)
on 2006-07-07 03:12
kyle wrote:

> FYI, %20 and plus are interchangable

As a footnote to this, I wanted to escape a URI I was sending *as part
of a CGI query string* to the W3C CSS validator. The URI included a "+"
in the path which is normally completely valid, but *not* when that ends
up in the query string. So, one might expect to be able to do this:

"http://host/path/script.cgi?uri=" + URI.escape(@my_strange_url)

...but if @my_strange_url has "?", "&" or "+" in it, 'script.cgi' will
get mighty confused because they won't be escaped. I never did find a
satisfactory solution because you can't, say, call
URI.escape(URI.escape(@my_strange_uri), "?+&") since the outer
URI.escape call will escape "%" from valid escape sequences already
generated by the inner call, thus breaking the URI.

It isn't possible to add to or subtract from a regular expression, so
it's not possible to take URI::REGEXP::UNSAFE and remove the "?", "+"
and "&" from its exclusion character set. In the end you're left having
to simply copy the value of URI::REGEXP::UNSAFE and remove the offending
characters because of the unusual use of the escape call, though this
isn't a nice solution in case any subsequent improvements might be made,
or changes made to the way the escape call works that might invalidate
or at best deprecate the hand-rolled version.

Ruby's normally good at helping you avoid these kinds of irritating
holdups but in this case one got me! I thought it was worth adding this
note to a rather old thread just in case anyone else with a similar
problem picks it up through the search engine, as I did.
This topic is locked and can not be replied to.