IETF Logo Mail Archive

Re: WGLC: draft-ietf-appsawg-http-forwarded-02.txt - section 5.1

John Sullivan <jsullivan@velocix.com> Mon, 14 May 2012 13:22 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3028C21F8627 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 May 2012 06:22:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.316
X-Spam-Level:
X-Spam-Status: No, score=-6.316 tagged_above=-999 required=5 tests=[AWL=4.283, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ScjYXEGAKbLJ for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 May 2012 06:22:05 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 8A2C721F85F6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 14 May 2012 06:22:05 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.69) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1STvD4-0006Nz-Ko for ietf-http-wg-dist@listhub.w3.org; Mon, 14 May 2012 13:21:10 +0000
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.69) (envelope-from <JSullivan@velocix.com>) id 1STvCn-0006Km-0m for ietf-http-wg@listhub.w3.org; Mon, 14 May 2012 13:20:53 +0000
Received: from mail-out1.velocix.com ([81.134.152.10] helo=owa.velocix.com) by maggie.w3.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from <JSullivan@velocix.com>) id 1STvCk-0008VK-75 for ietf-http-wg@w3.org; Mon, 14 May 2012 13:20:51 +0000
Received: from orthrus.eng.velocix.com (172.18.32.42) by exccam.corp.velocix.com (172.18.4.40) with Microsoft SMTP Server (TLS) id 14.2.247.3; Mon, 14 May 2012 14:20:22 +0100
Message-ID: <4FB10696.5040508@velocix.com>
Date: Mon, 14 May 2012 14:20:22 +0100
From: John Sullivan <jsullivan@velocix.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.21) Gecko/20090320 Fedora/2.0.0.21-1.fc10 Thunderbird/2.0.0.21 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Willy Tarreau <w@1wt.eu>
CC: Andreas Petersson <andreas@sbin.se>, Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org
References: <4FA02AEA.1080407@isode.com> <0A15D230-F8D2-498F-894B-86A3C987C456@mnot.net> <aae9c9339c5d775b57e0371b609b9334@treenet.co.nz> <20120504113403.5a65e4ff@hetzer> <4FA5D74A.4020900@treenet.co.nz> <20120506055104.GB8105@1wt.eu> <20120514135554.551063c0@hetzer> <20120514123746.GJ1694@1wt.eu>
In-Reply-To: <20120514123746.GJ1694@1wt.eu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [172.18.32.42]
Received-SPF: none client-ip=81.134.152.10; envelope-from=JSullivan@velocix.com; helo=owa.velocix.com
X-W3C-Hub-Spam-Status: No, score=-1.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01
X-W3C-Scan-Sig: maggie.w3.org 1STvCk-0008VK-75 2ec27dc4a2bc603acb226809cfdf45b1
X-Original-To: ietf-http-wg@w3.org
Subject: Re: WGLC: draft-ietf-appsawg-http-forwarded-02.txt - section 5.1
Archived-At: <http://www.w3.org/mid/4FB10696.5040508@velocix.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/13537
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Resent-Message-Id: <E1STvD4-0006Nz-Ko@frink.w3.org>
Resent-Date: Mon, 14 May 2012 13:21:10 +0000

Willy Tarreau wrote:
> That's a good point. I must say I've never seen a Location or Referer
> header being quoted despite their wide use of "[/:]" which are marked
> as special chars. I'll raise a new issue on this subject.

That is because those headers are defined as:

   Referer = absolute-URI / partial-URI
   Location = URI-reference
   Content-Location = absolute-URI / partial-URI

The allowed character set and escaping rules are those that apply
to those productions from RFC 3986. Those particular characters may
have special meaning within a URI, depending on their position and
URI construction, and must be % HEX HEX encoded to avoid said special
meaning, but the header values do not need to be otherwise quoted or
escaped beyond the [URI] rules.

The Forwarded header uses:

   Forwarded-v = 1#( token "=" ( token / quoted-string ) *( ";" ... ) )

Compare this with Cache-Control (which is the same but without ";"
parameters) and Content-Type/Accept (which is the same except with an
initial value that is a ( type "/" subtype ) media type, including a
literal "/" character.

So if the desired value doesn't "fit into" token, it must be a
quoted-string, where "\" is used as an escape character. Also as
httpbis puts it:

   A parameter value that matches the token production can be
   transmitted as either a token or within a quoted-string.  The quoted
   and unquoted values are equivalent.

Quite a different grammar!

Variations on that theme have sufficient use within RFC 2616/httpbis
that I think it's good to use something broadly similar. People
operating in that area ought to have the component parsers readily
available and understand their use well enough to compose them into
a total parser for the grammar defined here.

It could be argued that by limiting values to quoted-string alone any
required value can be represented and one cuts off one avenue for
confusion/incompatibility, but I think defining a new base character
set should be done only as a last resort.

John
--

v2.23.0 | Report a Bug | By Email