[Web-SIG] Proposal to remove SCRIPT_NAME/PATH_INFO
And Clover
and-py at doxdesk.com
Thu Sep 24 18:28:11 CEST 2009
Ian wrote:
> some environments provide only the unquoted path. I think it's not
> terribly horrible if they fake it by re-quoting the path.
If they are faking it, there should IMO be a way to flag that it's
faked. Then an application that uses IRIs may choose to
a. generate an error, or
b. carry on, don't care about %2F and just hope the encodings match, or
c. fall back to outputting only ASCII URLs.
> I also believe you can safely reconstruct the real SCRIPT_NAME/PATH_INFO
> from REQUEST_URI, which is usually available
I wouldn't say 'usually', REQUEST_URI is Apache-specific. I haven't
checked other servers to see if they copy it, but IIS certainly doesn't.
SCRIPT_NAME/PATH_INFO can differ completely from REQUEST_URI when Apache
has done some internal redirection, for example via mod_rewrite or
ErrorDocument. It's certainly useful as a fixup possibility (several of
my apps optionally use it), but not something that can really be relied
upon.
--
And Clover
mailto:and at doxdesk.com
http://www.doxdesk.com/
More information about the Web-SIG
mailing list