| Author |
 Topic  |
|
|
bud_dadude
Starting Member
Australia
21 Posts |
|
|
bud_dadude
Starting Member
Australia
21 Posts |
 Posted - 07 April 2009 : 07:30:23
|
I figured it out
:-) |
 |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 07 April 2009 : 08:03:30
|
a | is considered to be an 'unsafe' character for a url and should therefore be either encoded or not used at all
extract from RFC
Unsafe:
Characters can be unsafe for a number of reasons. The space
character is unsafe because significant spaces may disappear and
insignificant spaces may be introduced when URLs are transcribed or
typeset or subjected to the treatment of word-processing programs.
The characters "<" and ">" are unsafe because they are used as the
delimiters around URLs in free text; the quote mark (""") is used to
delimit URLs in some systems. The character "#" is unsafe and should
always be encoded because it is used in World Wide Web and in other
systems to delimit a URL from a fragment/anchor identifier that might
follow it. The character "%" is unsafe because it is used for
encodings of other characters. Other characters are unsafe because
gateways and other transport agents are known to sometimes modify
such characters. These characters are "{", "}", "|", "\", "^", "~",
"[", "]", and "`".
All unsafe characters must always be encoded within a URL. For
example, the character "#" must be encoded within URLs even in
systems that do not normally deal with fragment or anchor
identifiers, so that if the URL is copied into another system that
does use them, it will not be necessary to change the URL encoding.
|
|
|
|
bobby131313
Senior Member
USA
1163 Posts |
Posted - 07 April 2009 : 10:19:39
|
quote:
a | is considered to be an 'unsafe' character for a url and should therefore be either encoded or not used at all
And it's absolutely appalling that many sites that are starting to use them often, among other crazy characters. They're getting so caught up in SEF urls that they're forgetting about basics. eBay and Amazon are biggest offenders and it's tickin' me off. [/rant] |
Switch the order of your title tags |
|
|
|
SiSL
Average Member
Turkey
671 Posts |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 07 April 2009 : 14:44:07
|
what about it?
() are removed for security reasons to stop people injecting javascript function calls into urls, if you want to change it on your forum then feel free, but they will not be changed here or in the base code. |
|
|
|
SiSL
Average Member
Turkey
671 Posts |
|
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 07 April 2009 : 17:08:16
|
| You can technically add functional code to the URL reguardless of allowing HTML or BBCode (assuming you didn't disable the forum's code to automatically search for URLs) as its part of the spec. Its harder, but you can do it even if the "JavaScript:" part is filtered out. |
|
|
|
SiSL
Average Member
Turkey
671 Posts |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 08 April 2009 : 01:47:38
|
I am perfectly relaxed, it is you who seems hell bent on pulling holes in why we do stuff,we don't just filter things out for the hell of it, it is to stop your forums from being hacked, if you want to allow it then don't come running to us when people get their cookies stolen by unscrupulous posters.
|
|
|
| |
Topic |
|
Topic Locked
