On 24 May 2002 michael@??? wrote:
> while debugging something, I observed a serious bug in quote_ldap.
> It should possibly be called quote_url, because it appears only to quote
> URL characters. For example,
>
> cn=${quote_ldap: two}
>
> expands to:
>
> cn=%20two
>
> That is fine looking at URL syntax, but a leading space is not part
> of the name (see RFC 1485). Instead, it should expand to:
>
> cn=#2074776f
>
> The string representation of DNs does not allow to quote characters,
> only the full string can be given in hex.
I need advice from LDAP experts here. My understanding was that there
are two levels of quoting required, and that what should happen is this:
1. LDAP quoting is applied to the string.
2. URL quoting is applied to the result. In particular, the backslashes
that are used for LDAP quoting get turned into %5C.
The unquoting then works in reverse: first the URL quoting is removed,
and then you have an LDAP query which has its own quoting.
Have I got this wrong?
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
