Enough reasons to submit an RFE for removing or modifying the URL double encoding from an Eclipse client, 4.0.3 and higher ?
As per jazz forum post 177137, our external customers RTC access from Eclipse client is blocked by our TMG. which blocks double encoded URLs.
Does IBM need to turn to URL double encoding, increasing security risk:
IBM introduced URI double encoding into 4.0.3 Eclipse client to resolve Defect 251859.
We are thinking of submitting an RFE to either remove or modify this double encoding, based on below reasons. Would appreciate your thoughts on keeping the encoding or on jumping on the band wagon with us, if an RFE is submitted.
Does IBM need to turn to URL double encoding, increasing security risk:
- to deal with "Error: Invalid URI encountered when uri contains user with a space in their login name (as an approver)"
- which only happens in limited circumstances; instead of just either disallow blank in login name or offer a different fix which is of limited scope and affecting less of other normal use of the RTC.
- And if there are enough customers running into the issues in the defect, a special version of the Eclipse client can be offered without affecting the general body of users.
- Also, why it has to be full URL double encoding when the URL only needs to go through a second pass of encoding only unencoded blanks.