Bug in Remote Scripting Caused by Javascript bug? 
Author Message
 Bug in Remote Scripting Caused by Javascript bug?

The function _MSRS_buildURL(url,method,args) in RS.htm has a bug in the URL
Encoding, in that it fails to convert "+" into "%2B".  Since
Request.QueryString is used to decode the URL string in RS.asp, this is
unequivocably an encoding error.

The bug is caused by the use of the javascript escape function, which is
called in RS.HTM (within the function _MSRS_buildURL ) to do the
character-by-character translation of non-portable characters into the
familar %XX notation.  Apparently the javascript escape function thinks that
"+" needs no special handling.  Of course, this is not true inside a URL,
where "+" represents a space, while a literal "+" must be encoded as "%2B".

The fix for _MSRS_buildURL follows:

function _MSRS_buildURL(url,method,args) {
if (url == '') url = window.location.pathname;
if (typeof(method) == 'string') {
  url += '?_method=' + method;
  url += '&_mtype=execute';
  var params = '&pcount=0';
  if (typeof(args) != 'undefined' && args.length) {
   // add parameters
   params = '&pcount=' + args.length;
   for (var i = 0; i < args.length; i++)

    var arg = args[i];
    //////////////////
    // Code Modified
    //
     params += '&p' + i + '=';
     for (var j=0; j<arg.length; j++)

      var ch = arg.charAt(j);
      if (ch=='+')
       params += '%2B';
      else
       params += escape(ch);
     }
    //
    // Code Modified
    /////////////////
   }
  }
  url += params;

Quote:
}
return url;
}

Of course, with the new inner loop, translation is now slower.

I do not know if, based upon this behavior, javascript's escape function
should also be viewed as defective.  Perhaps someone else knows the details
from the ECMA rfcs.  (If this is a Javascript bug too, then it needs fixing
fast!)

Is anyone else disappointed by the fact that GET rather than POST is used in
RS to pass data?  With the built-in ~255 character length limitation, this
use of the GET protocol makes remote scripting pretty limited.  Is there a
simple way to generate a POST transfer in java?  If so, this would have
clear advantages simply in its unrestricted data size.

Regards,
    Jack Courtney



Tue, 18 Sep 2001 03:00:00 GMT  
 Bug in Remote Scripting Caused by Javascript bug?

Quote:

>I do not know if, based upon this behavior, javascript's escape function
>should also be viewed as defective.  Perhaps someone else knows the details
>from the ECMA rfcs.  (If this is a Javascript bug too, then it needs fixing
>fast!)

According to the docs, 'escape' is *NOT* for creating URL strings - it is
for encoding strings (which, being Unicode(TM), can contain non-ASCII
characters) into standard 7-bit characters that can reliably be used on any
computer and communications link (just like when you send attachments in
e-mail, they get UUENCODED so that they will work in 7-bit-land). So it
takes non-alphanumeric characters (including spaces and punctuation) and
makes them into %<hex code> or %u<Unicode code> values.

Section 15.1.2.4 of the ECMA specification explicitly states that the plus
sign is to be treated as-is in the escape function (see step 7). Remember
that ECMAScript, whilst it *originated* from a web browser, is *not* a
web-only language. Although URL encoding makes sense in a web browser /
server, it doesn't make sense in many other cases, so why have it as part of
the language?

Check the attached code, and see the "What?" and "Where?" sections of the
JScript FAQ (in my sig) for more info and a pointer to the ECMA
specification.

Quote:
>Is anyone else disappointed by the fact that GET rather than POST is used
in
>RS to pass data?  With the built-in ~255 character length limitation, this
>use of the GET protocol makes remote scripting pretty limited

As I posted previously, there is no theoretical limit to the size of a GET
request. IE4 can send, and IIS 4 can handle, long GETs (I just did over 700
chars). So it's not as limited as you might think.

Peter

--
Peter Torr, Developer / Webmaster          Vantage Systems Australia.

JScript FAQ  -   http://www.netspace.net.au/~torrboy/code/jscriptfaq/

<p>
Text: <input type="text" name="text2encode" id="text2encode"
size="20">&nbsp;
<input type="button" value="Encode" language="javascript"
onclick="DoEncoding()">
</p>

Encoded: <span id="encoded"></span><br>
Decoded: <span id="decoded"></span>

<script type="text/javascript">

function DoEncoding()
{
 var s = document.all("text2encode").value;

 document.all("encoded").innerText = escape(s);
 document.all("decoded").innerText = unescape(escape(s));

 return true;

Quote:
}

</script>


Sat, 22 Sep 2001 03:00:00 GMT  
 Bug in Remote Scripting Caused by Javascript bug?
If you want something done properly...

Quote:

><input type="button" value="Encode" language="javascript"
>onclick="DoEncoding()">

Why on earth is "language" in there? You must be stupid, stupid, stupid.
(from "The Rainmaker", I believe).

Quote:
><script type="text/javascript">

At least I got it right here ;-)

Peter

--
Peter Torr, Developer / Webmaster          Vantage Systems Australia.

JScript FAQ  -   http://www.netspace.net.au/~torrboy/code/jscriptfaq/



Sun, 23 Sep 2001 03:00:00 GMT  
 
 [ 3 post ] 

 Relevant Pages 

1. BUG: Multiple threads Cause Connection Busy Error in the Driver

2. BUG: Multiple threads Cause Connection Busy Error in the Driver

3. IE BUG?: BODY's OnBeforeUnload fires twice for <A href that causes postback

4. Bug.. VBScript ASP Dictionary Bug

5. JavaScript parseInt Bug

6. Blow up Bug using Javascript and ASP

7. Animated GIF IE5 JavaScript Bug ?

8. Bug? JavaScript RegExp and Nav 4.08 implementation

9. Security Bug with JavaScript and IE (???)

10. Date() bug in JavaScript

11. Javascript Date bugs

12. VB Script "bug"???

 

 
Powered by phpBB® Forum Software