[usefor] Trailing whitespace in header fields
Julien ÉLIE <julien@trigofacile.com> Sun, 07 August 2016 20:05 UTC
Return-Path: <julien@trigofacile.com>
X-Original-To: usefor@ietfa.amsl.com
Delivered-To: usefor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0124112D196 for <usefor@ietfa.amsl.com>; Sun, 7 Aug 2016 13:05:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.002
X-Spam-Level:
X-Spam-Status: No, score=-0.002 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Zwcq5ee3Lfv for <usefor@ietfa.amsl.com>; Sun, 7 Aug 2016 13:05:15 -0700 (PDT)
Received: from smtp.smtpout.orange.fr (smtp06.smtpout.orange.fr [80.12.242.128]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3813A12D09B for <usefor@ietf.org>; Sun, 7 Aug 2016 13:05:14 -0700 (PDT)
Received: from macbook-pro-de-julien-elie.home ([92.170.5.52]) by mwinf5d11 with ME id UL5B1t00E17Lgi403L5CKH; Sun, 07 Aug 2016 22:05:12 +0200
X-ME-Helo: macbook-pro-de-julien-elie.home
X-ME-Auth: anVsaWVuLmVsaWU0ODdAd2FuYWRvby5mcg==
X-ME-Date: Sun, 07 Aug 2016 22:05:12 +0200
X-ME-IP: 92.170.5.52
X-Mozilla-News-Host: snews://news.individual.net:563
From: Julien ÉLIE <julien@trigofacile.com>
Organization: TrigoFACILE -- http://www.trigofacile.com/
To: usefor@ietf.org
Message-ID: <e4e43176-dd01-ee08-b8ec-8e11294fa00c@trigofacile.com>
Date: Sun, 07 Aug 2016 22:05:11 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/usefor/sCYLUzVNAB0dGkjud-LXjqM1hlA>
Subject: [usefor] Trailing whitespace in header fields
X-BeenThere: usefor@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of usefor issues." <usefor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/usefor>, <mailto:usefor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/usefor/>
List-Post: <mailto:usefor@ietf.org>
List-Help: <mailto:usefor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/usefor>, <mailto:usefor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Aug 2016 20:05:18 -0000
Hi, I am currently looking at the checks an injecting server is supposed to perform regarding the syntax of header fields. I am a bit confused by Appendix A.1 of RFC 3977, that gives rules for the format of Netnews articles: A.1. Header Folding Both email and Netnews articles are required to have at least one octet other than space or TAB on each header line. Thus, folding can only happen at one point in each sequence of consecutive spaces or TABs. Netnews articles are further required to have the header name, colon, and following space all on the first line; folding may only happen beyond that space. Finally, some non-conforming software will remove trailing spaces and TABs from a line. Therefore, it might be inadvisable to fold a header after a space or TAB. For maximum safety, header lines SHOULD conform to the following syntax rather than to that in Section 9.7. header = header-name ":" SP [header-content] CRLF header-content = [WS] token *( [CRLF] WS token ) The ABNF syntax, as well as the introductory text in Appendix A.1: a/ allows a space as the only contents of a header field body; b/ allows header field bodies with only a space in their first line; c/ disallows trailing whitespace. This syntax is given as a SHOULD. If we have a look at Section 2.2 of RFC 5536, we have: o All agents MUST generate header fields so that at least one space immediately follows the ':' separating the header field name and the header field body (for compatibility with deployed software, including NNTP [RFC3977] servers). News agents MAY accept header fields that do not contain the required space. o Every line of a header field body (including the first and any that are subsequently folded) MUST contain at least one non- whitespace character. NOTE: This means that no header field body defined by or referenced by this document can be empty. As a result, rather than using the <unstructured> syntax from Section 3.2.5 of [RFC5322], this document uses a stricter definition: unstructured = *WSP VCHAR *( [FWS] VCHAR ) *WSP So, mixed together, it means that a/ and b/ are finally disallowed, which is fine (the MUST of RFC 5536 is stronger that the SHOULD of RFC 3977). But c/ is still disallowed as a SHOULD. It means that trailing whitespace SHOULD NOT be present in Netnews header field lines. (RFC 3977 uses a stricter definition of "unstructured" than RFC 5536!) Is it really a rule to enforce for Netnews articles? And does someone know why this is not mentioned at all in RFC 5536? -- Julien ÉLIE « Life is short… so eat dessert first! »
- Re: [usefor] Trailing whitespace in header fields Julien ÉLIE
- [usefor] Trailing whitespace in header fields Julien ÉLIE
- Re: [usefor] Trailing whitespace in header fields Russ Allbery