June 17, 2004
Url rewrite and Url Encoding::[Blog]
For the Design of Booso.com, fix several problems whit the help of Nio and Chedong,
Url rewrite:
Design the link of this kind:
http://booso.com/cgi-bin/booso.cgi?gmail to http://booso.com/gmail
and keep all the others as usural:
RewriteEngine On
RewriteRule !^/$ - [C]
RewriteRule !^/index.html$ - [C]
RewriteRule !^/archives/howto.html$ - [C]
RewriteRule !^/img/.* - [C]
RewriteRule !^/cgi\-bin.* - [C]
RewriteRule ^/?(.*) /usr/local/apache2/cgi-bin/booso.cgi?link=$1
RewriteLogLevel 9
Options ExecCGI
AddHandler cgi-script .cgi
And this will work.
After that I found that the query name in Chinese will not work under Internet Explore but works find under mozilla and conqueror. Chedong suggest fix the problem of Url encoding.
Url encoding:
In Cgi:
use CGI ();
NewQuery=CGI::escape($URL);
This will work.
For other system, Php:
PHP Example:
<?
$Text = "foo<b>bar";
$URL = "foo<b>bar.html";
echo HTMLSpecialChars($Text), "<BR>";
echo "<A HREF=\"", rawurlencode($URL), "\">link</A>";
?>
Note that PHP also has a strip_tags() function that will remove all
HTML tags from a string. Using this function in a manner such as:
echo strip_tags($Text);
will strip all HTML from the input. However, if you use it in the form:
echo strip_tags($Text, "<B>");
which only allows the "<B>" tag through, you are still often
vulnerable to users inserting script code. By design, this function
does not strip attributes from the tags. This means it is often
possible to include things such as JavaScript event attributes.
An example of a tag that would be allowed by the above strip_tags()
call is:
<B onmouseover="document.location='http://www.cert.org/'">
Some clients accept such attributes on tags that are otherwise benign.
Apache Module Example:
char *Text = "foo<b>bar";
char *URL = "foo<b>bar.html";
ap_rvputs(r, ap_escape_html(r->pool, Text), "<BR>", NULL);
ap_rvputs(r, "<A HREF=\"", ap_escape_uri(r->pool, URL), "\">link</A>", NULL);
mod_perl Example:
$Text = "foo<b>bar";
$URL = "foo<b>bar.html";
$r->print(Apache::Util::escape_html($Text), "<BR>");
$r->print("<A HREF=\"", Apache::Util::escape_uri($URL), "\">link</A>");
This uses the same functions as in the Apache Module Example, called
from Perl instead of directly from C.
For a single code, encode url is here:
perl -p -e 's/([^\w\-\.\@])/$1 eq "\n" ? "\n":sprintf("%%%2.2x",ord($1))/eg'
decode :
perl -p -e 's/%(..)/pack("c", hex($1))/eg'
Other info:
http://www.hk8.org/old_web/linux/cgi/ch02_01.htm
Trackback
You can ping this entry by using http://www.wespoke.com/cgi-bin/mt/mt-tb.cgi/502
Comments
TV host Oprah Winfrey gives audience members $1,000 (526) each to donate to a charitable cause...
Posted by: Marcel Muncy at December 14, 2006 09:11 AM from 67.15.2.32TV host Oprah Winfrey gives audience members $1,000 (526) each to donate to a charitable cause...
Posted by: Marcel Muncy at December 14, 2006 09:11 AM from 66.11.54.72TV host Oprah Winfrey gives audience members $1,000 (526) each to donate to a charitable cause...
Posted by: Tyshawn Frias at December 27, 2006 08:49 AM from 62.150.130.26TV host Oprah Winfrey gives audience members $1,000 (526) each to donate to a charitable cause...
Posted by: Tyshawn Frias at December 27, 2006 08:49 AM from 12.45.169.249