Re: Ambiguities in header-field rules (p1-messaging)
Amos Jeffries <squid3@treenet.co.nz> Thu, 18 August 2011 03:18 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4709921F87D6 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 17 Aug 2011 20:18:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.569
X-Spam-Level:
X-Spam-Status: No, score=-10.569 tagged_above=-999 required=5 tests=[AWL=0.030, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1wQ1XCu9ie-H for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 17 Aug 2011 20:18:36 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id A5A7221F87C9 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 17 Aug 2011 20:18:36 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.69) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Qtt7M-0003wC-3C for ietf-http-wg-dist@listhub.w3.org; Thu, 18 Aug 2011 03:18:04 +0000
Received: from aji.keio.w3.org ([133.27.228.206]) by frink.w3.org with esmtp (Exim 4.69) (envelope-from <squid3@treenet.co.nz>) id 1Qtt6Z-0003ug-Ih for ietf-http-wg@listhub.w3.org; Thu, 18 Aug 2011 03:17:15 +0000
Received: from [2002:3a1c:99e9:0:206:5bff:fe7c:b8a] (helo=treenet.co.nz) by aji.keio.w3.org with esmtp (Exim 4.72) (envelope-from <squid3@treenet.co.nz>) id 1Qtt6W-0001Ho-5t for ietf-http-wg@w3.org; Thu, 18 Aug 2011 03:17:14 +0000
Received: by treenet.co.nz (Postfix, from userid 33) id A442DE6EEC; Thu, 18 Aug 2011 15:16:38 +1200 (NZST)
To: ietf-http-wg@w3.org
X-PHP-Originating-Script: 0:func.inc
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Date: Thu, 18 Aug 2011 15:16:38 +1200
From: Amos Jeffries <squid3@treenet.co.nz>
In-Reply-To: <4E4C013D.2090407@cyblogic.de>
References: <4E4C013D.2090407@cyblogic.de>
Message-ID: <88b489507e504d9eef318438194f929e@treenet.co.nz>
X-Sender: squid3@treenet.co.nz
User-Agent: Roundcube Webmail/0.5.1
Received-SPF: permerror client-ip=2002:3a1c:99e9:0:206:5bff:fe7c:b8a; envelope-from=squid3@treenet.co.nz; helo=treenet.co.nz
X-W3C-Hub-Spam-Status: No, score=-1.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, RDNS_NONE=0.793
X-W3C-Scan-Sig: aji.keio.w3.org 1Qtt6W-0001Ho-5t 712dc765ec428ac93d56f54447e130d8
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Ambiguities in header-field rules (p1-messaging)
Archived-At: <http://www.w3.org/mid/88b489507e504d9eef318438194f929e@treenet.co.nz>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/11211
X-Loop: ietf-http-wg@w3.org
Sender: ietf-http-wg-request@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Resent-Message-Id: <E1Qtt7M-0003wC-3C@frink.w3.org>
Resent-Date: Thu, 18 Aug 2011 03:18:04 +0000
On Wed, 17 Aug 2011 19:58:21 +0200, Frank Mertens wrote:
> Hi,
>
> I played around with the ABNF published by this WG and stumbled
> over some rough edges.
>
> Current rules:
>
> OWS = *( [ obs-fold ] WSP )
> header-field = field-name ":" OWS [ field-value ] OWS
> field-value = *( field-content / OWS )
> field-content = *( WSP / VCHAR / obs-text )
>
> Problems:
>
> - field-value and field-content match the empty symbol,
> which requires searching for the longest match, which is costly
> (and confusing for the human reader)
> - because field-value matches the empty symbol claiming it optional
> in header-field allows ambiguous productions of same length
> (with or without field-value of zero length?)
>
> Suggested improvement:
>
> field-value = 1*( field-content OWS )
> field-content = 1*( VCHAR / WSP / obs-text )
>
> Best Regards,
> Frank Mertens.
The OWS on header-field remains ambiguous as well.
Also, with WSP being in field-content there is the possibility of
header-field matching:
field-name ":" [ obs-fold ] 1*( WSP OWS ) OWS
Nasty. But section 3.2 comes to the rescue:
"The field value does not include any leading or trailing white space"
and
"HTTP/1.1 senders MUST NOT produce messages that include line folding"
So OWS in the field-value ABNF appears to be invalid in several ways
going by the text.
Perhapse this would be better:
header-field = field-name ":" [ WSP ] BWS [ field-value ]
field-value = 1*( field-content BWS )
field-content = 1*( VCHAR / WSP / obs-text )
Nit: section 1.2.2 currently says:
"Multiple OWS octets that occur within field-content
SHOULD be replaced with a single SP before interpreting the field
value or forwarding the message downstream."
...
"Multiple RWS octets that occur within field-content SHOULD be
replaced with a single SP before interpreting the field value or
forwarding the message downstream.
"
When there is no OWS or RWS in the field-content ABNF.
I think both should say header-field instead of field-content. Or maybe
drop the "within field-content" condition to make it general.
AYJ
- Ambiguities in header-field rules (p1-messaging) Frank Mertens
- Re: Ambiguities in header-field rules (p1-messagi… Amos Jeffries
- Re: Ambiguities in header-field rules (p1-messagi… Frank Mertens
- Re: Ambiguities in header-field rules (p1-messagi… Frank Mertens
- Re: Ambiguities in header-field rules (p1-messagi… Amos Jeffries
- Re: Ambiguities in header-field rules (p1-messagi… Frank Mertens
- Re: Ambiguities in header-field rules (p1-messagi… Roy T. Fielding
- Re: Ambiguities in header-field rules (p1-messagi… Julian Reschke