Skip Menu |

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the CGI CPAN distribution.

Report information
The Basics
Id: 2130
Status: resolved
Priority: 0/
Queue: CGI
People
Owner: LDS [...] cpan.org
Requestors: m_to-pause-LDS-re-CGI [...] wickline.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Feb 20 14:05:03 2003 Guest - Ticket created
Subject: documentation suggestion with patch
This caught us by suprise. Maybe with a mention in the docs a few folks will be forewarned, but more likley most CGI.pm users haven't looked at the docs for a while :) ...at least this will give something for the search engines to index on the matter. -matt
--- CGI.pm Thu Feb 20 12:30:50 2003 +++ revisedCGI.pm Thu Feb 20 12:59:43 2003 @@ -4329,6 +4329,52 @@ This became the default in version 2.64. +This default works quite well in 99% of the cases. Semicolon-delimited +query strings work fine in URLs used in HTTP redirect responses, and +in all places you would use an URL in HTML... for most browsers. The +one exception is that semicolon-delimited query strings may pose a +problem in META refresh tags in HTML when those tags are received by +MicroSoft Internet Explorer version 6.0. This bug was observed in +MSIE v6.0.2600.0000CO running on Windows 2000, and may exist in other +versions of MSIE as well. + +A META refresh tag has roughly this form: + + <!-- redirect this many seconds '10' after page loads --> + <META HTTP-EQUIV=Refresh CONTENT="10; URL=http://example.com/"> + <!-- redirect to this URL ^^^^^^^^^^^^^^^^^^^ --> + +Savvy browsers should split the value of the CONTENT attribute into +two values on the '; ' delimiter. However, MSIE splits on any ';' +found in the value of the CONTENT attribute, and looks at the first +two values returned. As a result, given this URL + + http://example.com/some.cgi?a=foo;b=bar;c=baz + +Most web browsers will do the right thing. MSIE, however, will send +the user to + + http://example.com/some.cgi?a=foo + +Unless you can guarantee that your users will avoid this browser +(and any other similarly-afflicted browsers), you will want to be +cautious when constructing these refresh tags. If the URL you're +placing in that tag is generated by CGI.pm, you can do something +like the following... + + # code out here using semicolons + my $redirect; + { # temporarily revert to ampersands instead of semicolons: + local $CGI::USE_PARAM_SEMICOLONS = 0; + $redirect = CGI::escapeHTML( CGI::url( -query => 1 ) ); + } # now we're back to semicolons + $redirect = qq{<META HTTP-EQUIV="Refresh" CONTENT="10; URL=$redirect">}; + +Alternatively, you can use old ampersand-style URLs throughout +your script (see directly below). However, the old style URLs +will leave you with more HTML entity encoding to do as raw +ampersands are not valid within HTML. + =item -oldstyle_urls Separate the name=value pairs in CGI parameter query strings with
  Mon Mar 07 13:37:41 2005 LDS [...] cpan.org - Status changed from 'new' to 'resolved'
  Mon Mar 07 13:37:41 2005 LDS [...] cpan.org - Given to LDS
  Fri May 23 14:28:21 2014 The RT System itself - Queue changed from CGI.pm to CGI