[vox-tech] Odd ncftp bug
David Hummel
vox-tech@lists.lugod.org
Tue, 16 Sep 2003 12:38:41 -0700
On Tue, Sep 16, 2003 at 12:22:44PM -0700, Bill Kendrick wrote:
>
> On Tue, Sep 16, 2003 at 12:17:44PM -0700, Mitch Patenaude wrote:
> >
> > On Tuesday, Sep 16, 2003, at 11:55 US/Pacific, Bill Kendrick wrote:
> >
> > > > 6. strace -o LOG ncftpget -R ftp://USER:"PASSWORD"@ftp.server.com
> > >
> > >Ah-hah! Someone, somewhere, is using "%" as an escape character!
> >
> > That's part of the URL spec. %XX is used to encode a character that
> > wouldn't be legal otherwise in that context, where XX is the hex for
> > the ascii value of that character.
>
> Yeah, it totally didn't occur to me that URL encoding might take
> place in the username/password field.
This Perl snippet will properly encode any string for a URL:
$string =~ s/([^a-z0-9_.!~*'() -])/sprintf "%%%02X", ord($1)/gei;
$string =~ tr/ /+/;
David Hummel
Genomics & Gene Discovery
WRRC/ARS/USDA