Comment 3 for bug 1812353

Seth Arnold (seth-arnold) wrote :

The whitelist is currently:

" !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"

Normally browsers do not send # or any following content to the server. It feels like it ought not be included.

Normally spaces should be url-encoded as %20. It feels like it ought not be included.

$() ` | {} all feel likely to be attempts to tickle shells in various ways and unlikely to be useful in "real" redirects. I think these ought not be included.

Thanks
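A small checker, added here as an illustration and not part of the bug report or of the project it concerns, that applies the whitelist quoted in the comment and the tightened version the comment argues for to a few constructed redirect targets. The function names, the `audit` helper and the sample paths are all assumptions of this example; the only thing taken from the comment is the character list and the set of characters it proposes to drop.

```python
# Added illustration, not code from the bug report or the project it concerns.
# It applies the character whitelist quoted in the comment, and the tightened
# version the comment argues for, to constructed sample redirect targets.

# The whitelist exactly as quoted in the comment (space through tilde).
ORIGINAL_WHITELIST = (
    " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
)

# Characters the comment says should not be accepted in a redirect target:
# '#' (never sent to the server), ' ' (should arrive as %20), and the
# shell-significant set $ ( ) ` | { }.
PROPOSED_DROPS = set(" #$()`|{}")

# The tightened whitelist: the original minus the proposed drops.
TIGHTENED_WHITELIST = "".join(c for c in ORIGINAL_WHITELIST if c not in PROPOSED_DROPS)


def offending_chars(value, whitelist=TIGHTENED_WHITELIST):
    """Return, sorted, the distinct characters of value that the whitelist rejects.

    An empty list means the value passes. Anything outside printable ASCII
    (control characters, non-ASCII) is outside both lists and is reported too.
    """
    allowed = set(whitelist)
    return sorted({c for c in value if c not in allowed})


def is_allowed(value, whitelist=TIGHTENED_WHITELIST):
    """True when every character of value is in the whitelist."""
    return not offending_chars(value, whitelist)


def audit(values):
    """Map each value to (passes original list, passes tightened list, rejected chars).

    The third element lists the characters the tightened list rejects, so a
    reviewer can see exactly which of the comment's concerns a value trips.
    """
    return {
        v: (is_allowed(v, ORIGINAL_WHITELIST), is_allowed(v), offending_chars(v))
        for v in values
    }


# Constructed sample redirect targets (hypothetical paths, not from the report).
SAMPLES = [
    "/login?next=/account",                 # ordinary: passes both lists
    "https://example.com/a%20b",            # space already encoded: passes both
    "/path with spaces",                    # raw space: original list only
    "/page#fragment",                       # fragment: original list only
    "/dir${name}",                          # shell-style characters: original list only
]

if __name__ == "__main__":
    for value, (orig_ok, tight_ok, bad) in audit(SAMPLES).items():
        print(f"{value!r:36} original={orig_ok!s:5} tightened={tight_ok!s:5} rejected={bad}")
```

Running the file prints one line per sample showing whether it passes each list and which characters the tightened list rejects; the three samples carrying a raw space, a `#`, or `$`/`{`/`}` pass the quoted list but fail the tightened one, which is exactly the distinction the comment draws.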