also sprach Joost Kooij (on Sat, 21 Jul 2001 03:53:58PM +0200):
> You read the wrong rfc, the above characters are all allowed in http.
> Try it again, using spaces, '%', '#' and some control characters.
> Those will be escaped.
The restricted set of characters consists of dig
its, letters, and a few graphic symbols chosen from those
common to most of the character encodings and input facil
ities available to Internet users:
"A" .. "Z", "a" .. "z", "0" .. "9",
";", "/", "?", ":", "@", "&", "=", "+", "$", ",", # reserved
"-", "_", ".", "!", "~", "*", "'", "(", ")"
[...]
Some of the "uric" characters are reserved for use as
delimiters or as part of certain URI components. These
must be escaped if they are to be treated as ordinary
data. Read RFC 2396 for further details.
you can see that both '$' and '/' are restricted (reserved
characters), and these are escaped by browsers and other HTTP clients
during form submissions - which is essentially what i want to fake
from the command line.
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
--
micros~1: for when quality, reliability, and security
just aren't that important!
Attachment:
pgp4heGNAGpk0.pgp
Description: PGP signature