Base URL handling should escape any pattern characters

Question

Base URL handling should escape any pattern characters

Closed this issue 2 years ago · 1 comments

Currently, if the base URL contains any special pattern characters such as + and *, these gain special meaning in the pattern. Instead, they should have whatever escaping is required to make them simply literal characters.

Currently, things such as this fail: new URLPattern({baseURL: 'https://chromium-review.googlesource.com/c/chromium/src/+/123456'}). Other URLs might be valid but introduce unintended wildcards.

I think it's reasonable for authors to expect that new URLPattern({baseURL}) will succeed if baseURL is a valid URL, and that it will match exactly that URL.

Answer 1 · 2022-11-02T14:35:34.000Z

Seems reasonable to me. I don't see any backward compatibility issues.

I assume this would be urlpattern backslash escaping and not percent encoding of values. We might have to be careful to detect if someone has already backslash escaped a value in the input, though.