[jcifs] Re: SMB URL encoding/decoding

Christopher R. Hertel crh at ubiqx.org
Sun Feb 24 14:54:08 EST 2002 

Michael B Allen wrote:
:
> You can have ANY characters in a password. So there's NO way to traverse
> it. You HAVE to come in from the end looking for something and when I did
> this it was determined that '@' was what I looked for. I don't remember
> exactly why I did what I did but I rememeber mulling it over pretty hard.

If there are reserved characters in the password then they must be escaped
in order to be used in a URL string.  Otherwise, you would change the syntax
of the string itself and make it unparsable.

> > No, because the generic URL/URI syntax already supports the use of
> > credentials as part of the <server> field.  RFC2396:
> 
> Ok, nobody seems to like that idea. Forgotten.

It was worth considering.  :)

> > If the '/' has precedence over '@' then the parse tree is (roughly):
> >
> >                         ["://"]
> >                           / \
> >            [scheme: "FTP"]  ['/']
> >                              / \
> > [server: "user:pass at foo.com"]  [abs_path: "some/dir/im at home/text.txt"]
> 
> Well, then assigning "operator hierarchy" is inherent to parsing.

Yes, though I should have said "separator hierarchy" or "delimiter
hierarchy" or somesuch.  Calling them operators was unclear.

> I wasn't sure what you meant. At any rate, you can't do this because '/'
> can appear in a password.

Then it must be escaped.

The quote character can appear in a string in the C language, but when you
write it out it must also be escaped, etc.  There is no way to parse a
string if the (un-escaped) delimiter itself can be part of the string.

Applications such as a web browser or other tool that implements the SMB URL
will likely prompt for a password if the password is needed but not given. 
Smbclient does that, for example.  You don't have to worry about escaping
the character if the password is being prompted for separately.

> It's a pretty rare character to appear in a
> password though. I suppose we could make users URL encode a '/' in the
> password and then disect by '/' like you have above. That would be
> wonderfully easy actually and cause far less confusion.

That would be my vote.  %2f

Chris -)-----

-- 
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org

More information about the jcifs mailing list