Code

Opened 16 months ago

Last modified 7 weeks ago

#19508 new Cleanup/optimization

Implement URL decoding according to RFC 3987

Reported by: aaugustin Owned by: nobody
Component: HTTP handling Version: master
Severity: Normal Keywords:
Cc: anubhav9042@… Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Since #5738, when Django fails to decode an URL because it isn't valid UTF-8, it returns a HTTP 400 error with no content.

It's a bit sloppy to use a protocol-level message for an application-level requirement — in other words, to reply to a well-formed HTTP request with 400 Bad Request. Section 3.2 of RFC 3987 proposes a solution to this problem. Basically, non-ASCII bytes that do not create a valid utf-8 sequence should remain URL-encoded. This may not be trivial to implement, but it provide better error handling and it's normalized.

With this change, non-existing but well-formed URLs will return a 404 instead of a 400. That's what people expect, as shown in the comments of #5738 and #16541.

Django builds URLs according to section 3.1 of RFC 3987. With this change, URLs will round trip cleanly through the reversing / resolving (that's one of the guarantees of RFC 3987) and Django will be able to deal with legacy, non-utf-8 URLs. I pursued these goals in #19468 with a more primitive technique (depending only on the encoding) and that didn't work out.

Attachments (0)

Change History (3)

comment:1 Changed 16 months ago by claudep

  • Triage Stage changed from Unreviewed to Accepted

comment:2 Changed 7 weeks ago by anubhav9042

I am thinking to work on this.....
I have some idea of what to do, by visiting the links provided in the summary.

Can anyone give me some ideas to begin with...??

comment:3 Changed 7 weeks ago by anubhav9042

  • Cc anubhav9042@… added

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as new
The owner will be changed from nobody to anonymous. Next status will be 'assigned'
as The resolution will be set. Next status will be 'closed'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.