[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP URI
On Fri, 21 Sep 2012, Emmanuel Dreyfus wrote:
> Philip Guenther <guenther+ldaptech@sendmail.com> wrote:
>
> > You asked what characters in an LDAP search filter have to be percent
> > encoded when including that search filter in an LDAP URI. That's the
> > question I answered above.
>
> Oh, right, there was some misunderstanding, I though you were taking
> about escaping characters in the whole URI. If we only talk about the
> filter, then everything makes sense.
>
> But I am still puzzled about if I should use \3f or %3f, or %5c3f for a
> litteral ?
If you have to ask that question, you're doing it wrong.
1) you start with a search filter encoded according to the rules in
RFC 4515.
2) To encode *that string* inside the filter part of an LDAP URL, follow
the rules in RFC 4516.
So: imagine your search filter is this:
(cn=Bob ?)
which is the *exact same filter* as this:
(cn=Bob \3f)
Those both follow the rules of RFC 4515, and have the *same meaning*.
To encode those in a URL, you have to percent-escape two of the characters
in each. In this filter:
(cn=Bob ?)
the space and the '?' must be encoded, so it would show up in a URL like
this:
ldap://ldap.example.com/???(cn=Bob%20%3f)
In this filter:
(cn=Bob \3f)
*which has the same meaning as the previous one*, the space and the
backslash must be encoded, so it would show up in a URL like this:
ldap://ldap.example.com/???(cn=Bob%20%5c3f)
Philip Guenther