IETF Logo Mail Archive

Re: HTTP URI in the form of "http://example.com?query"

"Roy T. Fielding" <fielding@gbiv.com> Tue, 04 June 2013 17:34 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E252121F949F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 4 Jun 2013 10:34:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HS_INDEX_PARAM=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q77guWy4MefH for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 4 Jun 2013 10:34:23 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 0D75121F9C58 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 4 Jun 2013 09:02:21 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Ujtfn-0005Kx-Dr for ietf-http-wg-dist@listhub.w3.org; Tue, 04 Jun 2013 16:01:23 +0000
Resent-Date: Tue, 04 Jun 2013 16:01:23 +0000
Resent-Message-Id: <E1Ujtfn-0005Kx-Dr@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <fielding@gbiv.com>) id 1Ujtfa-0005IS-D8 for ietf-http-wg@listhub.w3.org; Tue, 04 Jun 2013 16:01:10 +0000
Received: from caiajhbdcaib.dreamhost.com ([208.97.132.81] helo=homiemail-a30.g.dreamhost.com) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <fielding@gbiv.com>) id 1UjtfV-0001yd-Cb for ietf-http-wg@w3.org; Tue, 04 Jun 2013 16:01:10 +0000
Received: from homiemail-a30.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a30.g.dreamhost.com (Postfix) with ESMTP id 2F5F321DE82; Tue, 4 Jun 2013 09:00:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gbiv.com; h=subject :mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=gbiv.com; bh=cO27j1JsrSMEq72lhaWrEOd91/I=; b=gZgh5lD/wkilSnlXY57sCrc7KkeB YIWJNDhj9dENz0TU3eF1IyxVsxm8U0r3kDTMvw+RwLaJIjGybIZZd7GCSCXkQVmh VL7YNXZK/VYR7QKAewfPg/ABldEqp0KljLCKj/K33vf82HFpXKUaTYUNF6Erd3k2 qcnV+LZzE5CcH9o=
Received: from [192.168.1.84] (99-21-208-82.lightspeed.irvnca.sbcglobal.net [99.21.208.82]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: fielding@gbiv.com) by homiemail-a30.g.dreamhost.com (Postfix) with ESMTPSA id 9496321DE55; Tue, 4 Jun 2013 09:00:23 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: text/plain; charset="iso-8859-1"
From: "Roy T. Fielding" <fielding@gbiv.com>
In-Reply-To: <CACuKZqEqTHa0uy9hjzKT9ctm3SZ9q2ySe2brrGy3v82HKVxfvQ@mail.gmail.com>
Date: Tue, 04 Jun 2013 09:00:22 -0700
Cc: Daniel Stenberg <daniel@haxx.se>, Julian Reschke <julian.reschke@gmx.de>, Roberto Peon <grmocg@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <C54A3377-A891-422D-BDFB-E14DF2E4F7A3@gbiv.com>
References: <CACuKZqFvFo2ztDBZwMVtSE54rvHthyJJc-8X-yFq=CSVMy9GXw@mail.gmail.com> <51AD8EC1.4010608@gmx.de> <CAP+FsNd3mWAtQ_Fn_Kvtx28300SO761fEZBhnm9NrHv_WQ2BjQ@mail.gmail.com> <51AD9A87.9020403@gmx.de> <CAP+FsNe9oZQPxS-8rhz=MYiLj8aceKFTCJow4wrRnXDrrgdzww@mail.gmail.com> <51AD9F87.5050603@gmx.de> <alpine.DEB.2.00.1306041215460.32021@tvnag.unkk.fr> <CACuKZqEqTHa0uy9hjzKT9ctm3SZ9q2ySe2brrGy3v82HKVxfvQ@mail.gmail.com>
To: Zhong Yu <zhong.j.yu@gmail.com>
X-Mailer: Apple Mail (2.1283)
Received-SPF: none client-ip=208.97.132.81; envelope-from=fielding@gbiv.com; helo=homiemail-a30.g.dreamhost.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-3.437, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001
X-W3C-Scan-Sig: maggie.w3.org 1UjtfV-0001yd-Cb e92a6f52f98aa372bd043d2dd0c62e39
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP URI in the form of "http://example.com?query"
Archived-At: <http://www.w3.org/mid/C54A3377-A891-422D-BDFB-E14DF2E4F7A3@gbiv.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18174
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

No, the URI is correctly handled by all relevant implementations.
There is no opportunity for error handling while parsing a URI,
so it is useless to create corner cases where a parser doesn't
know what string is associated with which component.

The ABNF in 2616 was known to be buggy since before it was even
published, so I have no interest in considering it further.

The definition of http URIs in practice is that they accept any
string, parse according to the regex in 3986, and fix such things
as an empty path as part of the request handling.  The only part
of HTTP that needs to consider this case is the creation of a
request-target, and we already have that requirement in the spec.

....Roy


On Jun 4, 2013, at 8:38 AM, Zhong Yu wrote:

> How about we add some cautionary notes on this kind of URIs:
> 1. consumers must accept them
> 2. producers should not produce them
> 3. a middle man should add the slash before forwarding it to others.
> 
> Zhong Yu
> 
> 
> On Tue, Jun 4, 2013 at 5:19 AM, Daniel Stenberg <daniel@haxx.se> wrote:
>> On Tue, 4 Jun 2013, Julian Reschke wrote:
>> 
>>> Yes, but what's the exact breakage except for one component not processing
>>> that edge case? It's an edge case after all?
>> 
>> 
>> I only recently got a bug report for curl as when we got an input such as
>> that and passed it to a particular (unspecified) proxy it would reject it as
>> illegal.
>> 
>> Thus curl nowadays will insert a slash before passing on the URL to a proxy.
>> 
>> --
>> 
>> / daniel.haxx.se
>

v2.23.0 | Report a Bug | By Email