HTMLBuilder and <A HREF='script.py?foo=bar&ding=bats'>yeah teah</A>
Steve Holden
sholden at bellatlantic.net
Thu Mar 9 11:11:09 EST 2000
Vespe Savikko wrote:
>
> Also sprach Ben Skelton <skeltobc at mailandnews.com>:
>
> Adrian Eyre wrote:
> >
> > > b.startElement ('a', {'href': 'script.py?foo=bar&ding=bats'})
> > >
> > > [snip]
> > >
> > > <HTML><A HREF="script.py?foo=bar&ding=bats">Press me</A></HTML>
> > >
> > > note the '&' in the href argument.
> >
> > Indeed. It's substituted for the ampersand, being illegal in an HTML
> > document.
> >
> > > How can I do this properly?
> >
> > What do you mean by properly?
>
>
> I want to pass arguments to the script.py. I thought the way to do this
> was
> via the url
> http://server/cgi-bin/script.py?argument1=value1&argument2=value2
> ie an ampersand separated list of argument=value.
>
> The idea is that when different hyperlinks are followed unique sets of
> arguments can be passed to the script.
>
> Have you tried that? If your browser isn't broken it should decode the
> HTML-encoded character entities when following the link. In other
> words _in the HTML document_ the following links behave identically
> (meaning they generate identical HTTP requests):
>
> <a href="http://server/script?arg1=143&arg2=foo">Link</a>
> <a href="http://server/script?arg1=143&arg2=foo">Link</a>
>
> If I remember correctly the latter line is even more valid HTML since
> it escapes the "dangerous" & character.
>
> ++Vespe
>
> --
> ------------------------------------------------------------------
> Vespe Savikko vespe at cs.tut.fi - to doom de doomsday -
Sadly, your link brings up
http://server/script?arg1=143&arg2=foo
in the browser location window, which is NOT what's required. Unless,
of course, my mail reader has somehow mangled this URL. The browser
actually needs to see
http://server.snap.com/script?arg1=143&arg2=foo
or it will think you are trying to the CGI argument "amp;arg2" to
"foo". I have tested this locally, using the following code (I blush
to publish VBscript in c.l.p, but it was quicker to hack an existing
test script):
#------------------------ASP Start------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<TITLE>Entity Decoding Test</TITLE>
</HEAD>
<BODY>
<%
arg1=Request("arg1")
arg2=Request("arg2")
extra=Request("amp;arg2")
%>
<h3>Arg1: <%=arg1%></h3>
<h3>Arg2: <%=arg2%></h3>
<h3>Extra: <%=extra%></h3>
</BODY>
</HTML>
#------------------------ASP End------------------------
and sure enough that's what happens. HTML encoding surely isn't
appropriate inside attribute values: it's used between tags to ensure
the browser correctly renders text which might otherwise be incorrectly
interpreted as markup, or require illegal characters in the HTML stream.
So the question remains: how to stop the startElement from HTML
entity-encoding the HREF attribute of an <A> tag. Some kind of escape
mechanism? Or are you suggesting that Netscape 4.7 os broken in some
fundamental way?
regards
Steve
--
"If computing ever stops being fun, I'll stop doing it"
More information about the Python-list
mailing list