[Info-vax] URL encoding
Paul Sture
nospam at sture.ch
Mon Jan 14 03:05:48 EST 2013
In article <kd02gh$940$1 at dont-email.me>,
David Froble <davef at tsoft-inc.com> wrote:
> I've been looking at this, and I've found a complete table of codes for
> all kinds of characters. However, it also seems that only a few
> characters, such as space, normally get URL encoded.
Usually space, but also other components of a URL such as slash and
period. For example:
'some.example.com/' gives 'dangerous%2eexample%2ecom%2f'
I've just come across an option where space is encoded as '+', e.g:
'example.com/some thing.pdf' gives 'example%2ecom%2fsome+thing%2epdf'
> Just asking what others might have seen. Have instances of all
> characters being URL encoded been experienced?
I have certainly come across cases where the whole string was URL
encoded, possibly but not necessarily as a deliberate means of
obfuscation. I don't know whether anti-spam tools look for this type of
stuff, but may well do.
Fully encoded,
dangerous.example.com/
gives
%64%61%6e%67%65%72%6f%75%73%2e%65%78%61%6d%70%6c%65%2e%63%6f%6d%2f
(examples generated using the online tool at
http://www.dorf-rauxel.de/picard/tools/urlcode.php - sorry that's in
German but the first online tool I found didn't work and this one does
work)
--
Paul Sture
More information about the Info-vax
mailing list