chrometweaks.org

The best iPage web host? Cheaper with most features.?

Click Here To View All Answers...


Got a quick question: The best iPage web host? Cheaper with most features.? Thanks for any comment. Second question.. OK in my quest to make my installation of OSC 100% HTML 4.01 compliant I've encountered a glitch that stumps me. According to W3C a URL isn't supposed to contain an ampersand. It's supposed to be done as & (Ampersand, alpha, micahel, paul, semicolon... in case that doesn't come through)..

If a visitor has cookies disabled the session info is coded into all the links on every page. Most of this links are built with an unescaped ampersand. How would one go about changing ALL those links to the proper code. I really hope there is a single function somewhere that generates all those links. I was digging around in session.php it looks like it should be in there someplace, I just can't find it..

Could somebody steer me towards the right place to make this (hopefully) minor change..

Http://www.printersquid.com.

Thanks..

This post has been edited by.

Nerd3d.

: 26 September 2004, 00:18..

Comments (26)

Hmm... I need to find out myself. I don't know what is the right answer. I'll do some poking around and get back to you if I find an answer. You should email the people at iPage as they probably could give you help..

Comment #1

No, here's the write up at.

W3.org.

....

Ampersands (&'s) in URLs.

Another common error occurs when including a URL which contains an ampersand ("&"):.

<! This is invalid! > <a href="foo.cgi?chapter=1&section=2">...</a>.

This example generates an error for "unknown entity section" because the "&" is assumed to begin an entity. In many cases, browsers will recover safely from the error, but the example used here will cause the link to fail in Netscape 3.x (but not other versions of Netscape) since it will assume that the author intended to write &sect;ion, which is equivalent to ion..

To avoid problems with both validators and browsers, always use &amp; in place of &:.

<a href="foo.cgi?chapter=1&amp;section=2">...</a>.

According to W3C the way OSC handles this is invalid. The explanation they give is pretty clear. The sesion ID looks like this in an OSC URL when the visitor has cookies off:.

Path=21&osCsid=8c159f02d2027938b7ef01618b6aac95.

It should be:.

Path=21&amp;osCsid=8c159f02d2027938b7ef01618b6aac95..

Comment #2

Well, if you wanted to do this, you would replace this line in function tep_href_link (in includes/functions/html_output.php):.

   return $link;.

With.

   return htmlspecialchars($link);.

I see the "bad" usage just about everywhere, though...

Comment #3

There is a contribution for this.

Http://www.oscommerc...tributions,2027.

I believe it only adds:.

$link = str_replace('&', '&amp;', $link);.

Return $link;.

To the tep_href_link function in /includes/functions, but it works fine...

Comment #4

Okay, there is another answer to this, but I just can't remember what it is! You can use just the '&' in the pathway, if you define it in one of the files as '&amp;'. Then all references to '&' in file pathways are treated as being '&amp;' and don't generate w3c.org errors. Sorry I can't be more helpful, other than to say that this is possible..

Vger..

Comment #5

The contribution works great and is easy to apply. I suppose ideally the URL's should be created with correct encoding rather than being patched up at the end, but that's beyond my skill for sure..

Thanks for the help...

Comment #6

OK in my quest to make my installation of OSC 100% HTML 4.01 compliant I've encountered a glitch that stumps me. According to W3C a URL isn't supposed to contain an ampersand. It's supposed to be done as &amp; (Ampersand, alpha, micahel, paul, semicolon... in case that doesn't come through)..

If a visitor has cookies disabled the session info is coded into all the links on every page. Most of this links are built with an unescaped ampersand. How would one go about changing ALL those links to the proper code. I really hope there is a single function somewhere that generates all those links. I was digging around in session.php it looks like it should be in there someplace, I just can't find it..

Could somebody steer me towards the right place to make this (hopefully) minor change..

Http://www.printersquid.com.

Thanks..

This post has been edited by.

Nerd3d.

: 26 September 2004, 00:18..

Comment #7

I think you are misreading things. HTML source is not supposed to contain an unescaped ampersand - it is represented as &amp; in the source. In URLs, & is used as an item separator in dynamic queries and that is perfectly fine. There is nothing to change...

Comment #8


This question was taken from a support group/message board and re-posted here so others can learn from it.