package version page version links are not escaped correctly
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Triaged
|
High
|
Unassigned |
Bug Description
For an Ubuntu package there is a current versions page which shows each version in each pocket, for example:
https:/
In this page the version specific links, those to the right of the 'expander' arrow, are relative links to the version specific sub-page, in this example something like:
<a href="1:
<img src="/@
</a>
Where this version has an epoch, as pulseaudio does, this is formatted with a raw colon. This is ambigiously either a relative URL or a url using the protocol '1'. (This is displayed correctly in firefox but not in chromium.)
Looking at the URI spec (http://
The URI syntax is dependent upon the scheme. In general, absolute
URI are written as follows:
<
It therefore seems appropriate we either confirm this as a relative URL with a "./" prefix, or probabally more correctly encode the ":" as a % escape (I think %3A).
Analysis
========
We should escape the first segment correctly, or use the ./ hack Andy suggests. Whomever looks at the code to see how we are generating the links can decide what makes the most sense.
Thanks for the report; section 5 of of the standard covers relative references:
relativeURI = ( net_path | abs_path | rel_path ) [ "?" query ]
..
A relative reference that does not begin with a scheme name or a
slash character is termed a relative-path reference.
rel_path = rel_segment [ abs_path ]
rel_segment = 1*( unreserved | escaped |
"; " | "@" | "&" | "=" | "+" | "$" | "," )
that is, the rules for relative references are *different* to the rules for arbitrary path segments, and our url generator is getting that wrong. Chromium's behaviour is fine.