Bug #1680: URI.encode does not encode '+' (by default)
http://redmine.ruby-lang.org/issues/show/1680

Author: Xuân Baldauf
Status: Open, Priority: Normal
ruby -v: ruby 1.8.7 (2008-08-11 patchlevel 72) [i586-linux]

Many people may be tempted to use URI.encode() to produce query parameters for URLs. However, this is unwise, as URI.encode() (when invoked with just one parameter) does not encode the plus '+' character , that is, URI.encode('+')=='+'. However, almost all servers receiving a plus '+' character convert it to a space ' ' character, which results in data loss. Thus, URI.encode() should encode the plus '+' character by default. This may well mean that REGEXP::UNSAFE needs to be changed. (If, for some reason, the behaviour of URI.encode() will not be fixed, at least the unsuitability of URI.encode() for building query parameters for URLs should be stated boldly in the documentation.)

This bug applies to ruby 1.9.1p0 as well as to ruby 1.8.7 as well as JRuby 1.3.0

# irb1.9
irb(main):001:0> require 'uri'; require 'cgi'
=> true
irb(main):002:0> URI.encode('a + b')
=> "a%20+%20b"
irb(main):003:0> CGI.escape('a + b')
=> "a+%2B+b"


----------------------------------------
http://redmine.ruby-lang.org