Skip Menu |

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the CGI CPAN distribution.

Report information
The Basics
Id: 1933
Status: resolved
Priority: 0/
Queue: CGI
People
Owner: Nobody in particular
Requestors: nic [...] coombs.anu.edu.au
Cc:
AdminCc:
Bug Information
Severity: Critical
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Jan 09 22:45:19 2003 Guest - Ticket created
Subject: '+' converted to space in POST/GET
In CGI.pm - a + character passed in a form textfield is converted to a space when you do something like print $queryin->param('crusty'); I suggest that there is at least 1 spurious $foo=~tr/+/ /; or similar statement in CGI.pm - or that the unescape sub is called more than once (which contains that statement). The value of the crusty variable is correctly urlencoded when it gets to the server (tested with Example 19.6: dummyhttpd from the Perl cookbook) I don't think that OS or perl ver are relevant, but it's solaris 8 (discovered on machine running solaris 7) and perl v5.6.0 built for sun4-solaris. Apache 1.3.27, mod_perl 1.27. CGI.pm is ver 2.89 and CGI.pm,v 1.75 2002/10/16 17:48:37 lstein The problem is reproducible with the following form and cgi script - enter a string containing '+' character into the form and watch it disappear! Testform: <HTML> <BODY> <FORM method=post action=cgi-bin/webchange.cgi> <INPUT NAME=crusty type=text> <!-- <INPUT NAME=crusty type=password> --> <INPUT type=submit> </FORM> </BODY> </HTML> CGI script (webchange.cgi): #!/opt/perl/bin/perl # use strict; # use IO::Socket; use CGI; use CGI::Carp qw(fatalsToBrowser); my $queryin = new CGI(); print CGI->header(); print $queryin->param('crusty'); Any questions - feel free to contact me - nic@coombs.anu.edu.au Cheers, nic.
  Mon Jan 13 12:07:01 2003 LDS [...] cpan.org - Status changed from 'new' to 'resolved'
  Mon Jan 13 12:13:23 2003 lstein [...] cshl.org - Correspondence added
From: Lincoln Stein <lstein [...] cshl.org>
To: bug-CGI.pm [...] rt.cpan.org
Subject: Re: [cpan #1933] '+' converted to space in POST/GET
Date: Mon, 13 Jan 2003 09:13:14 -0800
RT-Send-Cc:
Cannot confirm this bug. See detailed response at CPAN. Lincoln On Thursday 09 January 2003 07:45 pm, you wrote: Show quoted text
> This message about CGI.pm was sent to you by guest <> via rt.cpan.org > > Full context and any attached attachments can be found at: > <URL: https://rt.cpan.org/Ticket/Display.html?id=1933 > > > In CGI.pm - a + character passed in a form textfield is converted to a > space when you do something like print $queryin->param('crusty'); > > I suggest that there is at least 1 spurious $foo=~tr/+/ /; or similar > statement in CGI.pm - or that the unescape sub is called more than once > (which contains that statement). The value of the crusty variable is > correctly urlencoded when it gets to the server (tested with Example 19.6: > dummyhttpd from the Perl cookbook) > > > I don't think that OS or perl ver are relevant, but it's solaris 8 > (discovered on machine running solaris 7) and perl v5.6.0 built for > sun4-solaris. Apache 1.3.27, mod_perl 1.27. CGI.pm is ver 2.89 and CGI.pm,v > 1.75 2002/10/16 17:48:37 lstein The problem is reproducible with the > following form and cgi script - enter a string containing '+' character > into the form and watch it disappear! > > Testform: > > <HTML> > <BODY> > <FORM method=post action=cgi-bin/webchange.cgi> > <INPUT NAME=crusty type=text> > <!-- <INPUT NAME=crusty type=password> --> > <INPUT type=submit> > </FORM> > </BODY> > </HTML> > > CGI script (webchange.cgi): > > #!/opt/perl/bin/perl > > # use strict; > # use IO::Socket; > > use CGI; > use CGI::Carp qw(fatalsToBrowser); > > my $queryin = new CGI(); > print CGI->header(); > > > print $queryin->param('crusty'); > > > > Any questions - feel free to contact me - nic@coombs.anu.edu.au > > Cheers, > > nic.
  Mon Jan 13 12:13:24 2003 The RT System itself - Status changed from 'resolved' to 'open'
  Tue Jan 14 00:42:12 2003 Guest - Correspondence added
From: nic [...] coombs
Lincoln, I now cannot reproduce the problem. You may as well close it if you cannot reproduce it either. Cheers, nic. [lstein@cshl.org - Mon Jan 13 12:13:23 2003]: Show quoted text
> Cannot confirm this bug. See detailed response at CPAN. > > Lincoln >
  Mon Aug 18 13:59:55 2003 LDS [...] cpan.org - Correspondence added
Fixed in 2.91 [guest - Thu Jan 9 22:45:19 2003]: Show quoted text
> In CGI.pm - a + character passed in a form textfield is converted to
a Show quoted text
> space when you do something like > print $queryin->param('crusty'); > > I suggest that there is at least 1 spurious $foo=~tr/+/ /; or similar > statement in CGI.pm - or that the unescape sub is called more than > once (which contains that statement). The value of the crusty > variable is correctly urlencoded when it gets to the server
(tested Show quoted text
> with > Example 19.6: dummyhttpd from the Perl cookbook) > > > I don't think that OS or perl ver are relevant, but it's solaris 8 > (discovered on machine running solaris 7) and perl v5.6.0 built
for Show quoted text
> sun4-solaris. Apache 1.3.27, mod_perl 1.27. CGI.pm is ver 2.89 and > CGI.pm,v 1.75 2002/10/16 17:48:37 lstein > The problem is reproducible with the following form and cgi script - > enter a string containing '+' character into the form and watch it > disappear! > > Testform: > > <HTML> > <BODY> > <FORM method=post action=cgi-bin/webchange.cgi> > <INPUT NAME=crusty type=text> > <!-- <INPUT NAME=crusty type=password> --> > <INPUT type=submit> > </FORM> > </BODY> > </HTML> > > CGI script (webchange.cgi): > > #!/opt/perl/bin/perl > > # use strict; > # use IO::Socket; > > use CGI; > use CGI::Carp qw(fatalsToBrowser); > > my $queryin = new CGI(); > print CGI->header(); > > > print $queryin->param('crusty'); > > > > Any questions - feel free to contact me - nic@coombs.anu.edu.au > > Cheers, > > nic. >
  Mon Aug 18 13:59:56 2003 LDS [...] cpan.org - Status changed from 'open' to 'resolved'
  Fri May 23 14:28:20 2014 The RT System itself - Queue changed from CGI.pm to CGI