Forum OpenACS Development: Strict RFC 3986 url encoding

+
Posted by Guan Yang on

While implementing client support for OAuth authentication for Twitter, I needed a url encoding procedure that strictly conforms to RFC 3986, which ns_urlencode and ad_urlencode do not. This is necessary for the HMAC signatures used in OAuth. RFC 3986 only has four reserved characters apart from ASCII letters and numbers: _.-~

Here's the code I used, in case anyone else needs it in the future:

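    set enc [ns_urlencode $string]
    # Restore the unreserved characters - _ . ~ and turn "+" (space) into %20
    set enc [string map -nocase {%2d - %5f _ %2e . + %20 %7e ~} $enc]

    # Capitalize: collect each escape that contains a lowercase hex letter
    # and map it to its uppercase form
    set map [list]
    foreach {m c} [regexp -all -inline {%([a-f][0-9a-f]|[0-9a-f][a-f])} $enc] {
        if { ![info exists matched($m)] } {
            lappend map $m [string toupper $m]
            set matched($m) ""
        }
    }
    set enc [string map $map $enc]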

There's probably a better way of capitalizing the codes.

+
Posted by Dave Bauer on
Hmmm

Reading the RFC

reserved = gen-delims / sub-delims

gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@"

sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
/ "*" / "+" / "," / ";" / "="


It looks like all those are reserved.

Do you have a reference to what reserved characters you are referring to?

Thanks
Dave

+
Posted by Guan Yang on
I think I should have said “unreserved characters”. They are in section 2.3:

unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
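
The strict encoding discussed in this thread, as an added example that is not part of any participant's post or of the OpenACS code base: a pure-Tcl encoder that leaves only the unreserved set from RFC 3986 section 2.3 unescaped, used to build the OAuth 1.0 signature base string (RFC 5849) that the HMAC is computed over. The proc names, key, nonce and endpoint are assumptions made up for the example.

```tcl
# Added example; proc names are hypothetical, not OpenACS or AOLserver API.

# Percent-encode everything except the RFC 3986 unreserved set,
# working on UTF-8 bytes and always emitting uppercase hex.
proc rfc3986_encode {string} {
    set out ""
    foreach byte [split [encoding convertto utf-8 $string] ""] {
        if {[string match {[-A-Za-z0-9._~]} $byte]} {
            append out $byte
        } else {
            append out [format %%%02X [scan $byte %c]]
        }
    }
    return $out
}

# Build the OAuth 1.0 signature base string (RFC 5849, section 3.4.1).
# params is a flat "name value name value ..." list of every request
# parameter except oauth_signature; base_uri carries no query string.
proc oauth1_base_string {method base_uri params} {
    set pairs [list]
    foreach {name value} $params {
        lappend pairs [list [rfc3986_encode $name] [rfc3986_encode $value]]
    }
    # Sort by encoded name, ties broken by encoded value (lsort is stable).
    set pairs [lsort -index 0 [lsort -index 1 $pairs]]
    set items [list]
    foreach pair $pairs {
        lappend items [join $pair =]
    }
    # The joined parameter string is encoded again as a whole, so "%20"
    # inside a value appears as "%2520" in the base string.
    return [join [list [string toupper $method] \
        [rfc3986_encode $base_uri] \
        [rfc3986_encode [join $items &]]] &]
}

# Constructed sample input: placeholder key, nonce and endpoint.
set params [list \
    status "Strict encoding: a b+c~d/\u00e9" \
    oauth_consumer_key PLACEHOLDER_KEY \
    oauth_nonce constructednonce \
    oauth_signature_method HMAC-SHA1 \
    oauth_timestamp 1300000000 \
    oauth_version 1.0]
puts [rfc3986_encode "a b+c~d/\u00e9"]
puts [oauth1_base_string post https://api.example.com/update.json $params]
```

Client and server must produce this string byte for byte, which is why the case of the hex digits and the treatment of space, `+` and `~` all have to match.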
+
Posted by Dave Bauer on
Ah ok, that makes more sense. Thanks!!
+
Posted by Dave Bauer on
Hi,

Can you share your OAuth Code?

+
Posted by Steffen Tiedemann Christensen on
Hey Dave,

Are you looking for a client implementation of OAuth 1.0a or for something broader?

(Actually Guan's project ended up in both a server and client side library, so there's something to share at least -- we've just never cleaned it up sufficiently to do so. This would serve as a good opportunity.)

Steffen

+
Posted by Dave Bauer on
Hi,

Any updates on this? Did you ever implement OAuth 2?

Has anyone else implemented OAuth 2 as now required by most services?

+
Posted by Guan Yang on
I haven't seen anything, but OAuth 2 should be much easier because there's no special signature generation required. You just open an HTTPS connection and pass the token.