I recently read RFC 2396 which defines the generic URI syntax and especially the URL syntax. I recognized, that
* Zope forbids many characters in ids (with the error message "not allowed in URLs"), that are legal characters in URL path segments:
generally allowed in URL's: -_.!~*'() Zope accepted: _. ~
- as well (see regex below) , is allowed in the id, sorry not sure what the term path segment means..
allowed in path segments: :@&=+$, Zope accepted: ,
This, probably, is not a big problem. But, it would be easy to fix.
Except for the fact that Zope also checks that the first character is not a _. Thats a big security headache. To be honest Im not so worried about Zope being more restrictive.
* Zope allows space characters in (ObjectManager) id's. The space is not a valid URL character.
Zope forbids spaces in property ids.
This one is much more important in my mind. Its a real pain. Is there a good reason for this. It should be easy to fix, actually looking at the regex in Object Manager, shouldn't that just be a case of taking the space out of the end of the regex? ObjectManager.py line 112: bad_id=ts_regex.compile('[^a-zA-Z0-9-_~\,\.]').search] On a more anal note could we also patch ObjectManager to tell the user what characters aren't allowed eg: line 224: 'The id "%s" contains characters illegal in URLs.' % id should be line 224: 'The id "%s" contains characters illegal in URLs. Only characters, digits and the characters ~-_,. are allowed.' % id