Bug #9990

URI.parse and URI.encode use different RFCs

Added by lengarvey (Leonard Garvey) over 2 years ago. Updated over 2 years ago.

Target version:
ruby -v:


The latest code for URI.parse uses RFC3986 but URI.encode/URI.escape still uses the old URI::RFC2396_Parser implementation of encode. This causes problems when the specs diverge.

In RFC3986 square brackets "[" and "]" are reserved and need to be percent encoded in the query string, although they didn't in RFC2396. This means the the following url cannot be parsed by the new parser, and isn't encoded correctly by the old encoder:[]=status_id&op[status_id]=o

Here's a quick ruby script which demonstrates the issue on 2.2.0dev:

url = "[]=status_id&op[status_id]=o"
puts URI.encode(url)

The output of running this script can be seen at:

I believe a new encoder needs to be written up according to the RFC3986 spec and this should be used as the default in URI.

Related issues

Related to Ruby trunk - Feature #2542: URI lib should be updated to RFC 3986 Closed 01/01/2010


#1 [ruby-core:63462] Updated by zzak (Zachary Scott) over 2 years ago

  • Status changed from Open to Feedback

Did you see r46491?

#2 [ruby-core:63468] Updated by lengarvey (Leonard Garvey) over 2 years ago

I did see it, this bug points out that URI.escape isn't covered by that change. I'm not sure if there's a more appropriate place for that feedback besides raising this issue though. This is a separate issue to the one raised by @tenderlove in #2542 though. Aaron seems to be saying that URI.parse has changed semantics significantly and breaks existing code, this issue is demonstrate that there exists no way to properly encode a URI so that URI.parse will accept it.

#3 [ruby-core:64259] Updated by nagachika (Tomoyuki Chikanaga) over 2 years ago

  • Status changed from Feedback to Assigned

#4 [ruby-core:65806] Updated by nobu (Nobuyoshi Nakada) over 2 years ago

  • Related to Feature #2542: URI lib should be updated to RFC 3986 added

Also available in: Atom PDF