Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+3 votes
272 views
in Q2A Core by

Hello , there is alot wrong with using + in a path (not querystring) while you are using it on a windows server .. as windows on a default will block it for security purposes there are ways of enabling it for application bases by using web.config but that will open the application to vulnerabilities... although what i want to ask is can we replace the + to _  ... as this will make it bit more compatible for users running this on a windows server and as you said "nothing wrong" with an underscore.

if there is a certain element / files i need to look into let me know so i move on with it .

Thanks

Note: If there is no easy way or plans to make such for near future let me know so i manually allow "+" (bad practice) on the server

1 Answer

+2 votes
by
edited by

We don't officially support Windows server but this may be solved with a plugin. I think maybe you want to replace + with %2b

You can use a function override: http://docs.question2answer.org/plugins/overrides/

Override the function qa_get_one_user_html something like:

function qa_get_one_user_html($handle, $microformats=false, $favorited=false)
{
    $handle = str_replace('+', '%2b', $handle);
    return qa_get_one_user_html_base($handle, $microformats, $favorited);
}

by
thanks for the quick reply,
- I made Override Plugin and placed it in the qa-plugins and its appearing in the admin area with the code as mentioned by you .
after doing so :
-now on the home page all user names have been changed to "anonymous" and when i click that question it does show the User Avatar , and its still linked to site.com/user/User+Name .. even clicking on a question it gives me "by anonymous"
- the User Tab is also still having the Old link structure (+) ,

thank you for the assistance , what i be doing wrong ?
by
Sorry it should have "return" in front of the last line, I updated the answer. There may be some more functions you need to update, I'll check when I get a chance.
by
yes i did add that thought you skipped it as you were on a mobile .. but even then i still get "+" in the profile links .. will be grateful if you manage to see when you get a chance.. with this fixed i will be able to roll it on production site
by
for time being i just added :
    <security>
            <requestFiltering allowDoubleEscaping="true" />
    </security>
in the web.config so the links with + are working
...