From: Stéphane Travostino <stephane.travostino@gmail.com>
Date: Thu, 5 Apr 2012 17:23:08 +0000 (-0400)
Subject: [release-branch.go1] net/url: Correctly escape URL as per RFC 3986
X-Git-Tag: go1.0.1~39
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=70e139f3bc8f1f94b00bf68f24309d6092d6bde0;p=gostls13.git

[release-branch.go1] net/url: Correctly escape URL as per RFC 3986

««« backport 6b46fb967ca4
net/url: Correctly escape URL as per RFC 3986

The shouldEscape function did not correctly escape the reserved characters listed in RFC 3986 §2.2, breaking some strict web servers.
Fixes #3433.

R=rsc
CC=golang-dev
https://golang.org/cl/5970050

»»»
---

diff --git a/src/pkg/net/url/url.go b/src/pkg/net/url/url.go
index 88ff7ebfef..b6e79adc29 100644
--- a/src/pkg/net/url/url.go
+++ b/src/pkg/net/url/url.go
@@ -61,16 +61,16 @@ func (e EscapeError) Error() string {
 }
 
 // Return true if the specified character should be escaped when
-// appearing in a URL string, according to RFC 2396.
+// appearing in a URL string, according to RFC 3986.
 // When 'all' is true the full range of reserved characters are matched.
 func shouldEscape(c byte, mode encoding) bool {
-	// RFC 2396 Â§2.3 Unreserved characters (alphanum)
+	// Â§2.3 Unreserved characters (alphanum)
 	if 'A' <= c && c <= 'Z' || 'a' <= c && c <= 'z' || '0' <= c && c <= '9' {
 		return false
 	}
-	// TODO: Update the character sets after RFC 3986.
+
 	switch c {
-	case '-', '_', '.', '!', '~', '*', '\'', '(', ')': // Â§2.3 Unreserved characters (mark)
+	case '-', '_', '.', '~': // Â§2.3 Unreserved characters (mark)
 		return false
 
 	case '$', '&', '+', ',', '/', ':', ';', '=', '?', '@': // Â§2.2 Reserved characters (reserved)
diff --git a/src/pkg/net/url/url_test.go b/src/pkg/net/url/url_test.go
index 2d911ed505..d8b253142f 100644
--- a/src/pkg/net/url/url_test.go
+++ b/src/pkg/net/url/url_test.go
@@ -394,8 +394,8 @@ var escapeTests = []EscapeTest{
 		nil,
 	},
 	{
-		" ?&=#+%!<>#\"{}|\\^[]`âº\t",
-		"+%3F%26%3D%23%2B%25!%3C%3E%23%22%7B%7D%7C%5C%5E%5B%5D%60%E2%98%BA%09",
+		" ?&=#+%!<>#\"{}|\\^[]`âº\t:/@$'()*,;",
+		"+%3F%26%3D%23%2B%25%21%3C%3E%23%22%7B%7D%7C%5C%5E%5B%5D%60%E2%98%BA%09%3A%2F%40%24%27%28%29%2A%2C%3B",
 		nil,
 	},
 }