W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1999

mistaken reference to "unsafe" in RFC 2616

From: Roy T. Fielding <fielding@kiwi.ICS.UCI.EDU>
Date: Fri, 10 Sep 1999 19:36:37 -0700
To: Anders Edenbrandt <Anders.Edenbrandt@radio.ausys.se>
cc: http-wg@hplb.hpl.hp.com
Message-ID: <199909101936.aa13278@gremlin-relay.ics.uci.edu>
Actually, RFC 2616 should have said simply

    Characters other than those in the "reserved" set (see RFC 2396 [42])
    are equivalent to their ""%" HEX HEX" encoding.

The reason being that excluded characters will not appear in a valid URI,
and thus it doesn't matter if encoded excluded characters might
mistakenly be compared equal to their non-encoded character.

Thanks for the report,

....Roy

In message <C0E81C20AD21D311BDB200805FCCD9411C1B39@aunt9.ausys.se>,
Anders Edenbrandt writes:
>
>Hello,
>
>In the latest HTTP standard (RFC 2616), in section 3.2.3 "URI Comparison",
>it says:
>	Characters other than those in the "reserved" and "unsafe" sets (see
>   	RFC 2396 [42]) are equivalent to their ""%" HEX HEX" encoding.
>
>However, RFC 2396 has no definition of a character set called "unsafe".
>The former HTTP standard (RFC 2068) makes this definition:
>
>	unsafe         = CTL | SP | <"> | "#" | "%" | "<" | ">"
>
>Is this the character set you mean? Or is it all the characters mentioned
>in section 2.4.3 "Excluded US-ASCII Characters" in RFC 2396? That is,
>in addition to the characters above also the following:
>
>	unwise      = "{" | "}" | "|" | "\" | "^" | "[" | "]" | "`"
>
>
>I would be grateful for a clarification on this point.
>
>Yours sincerely,
>
>Anders Edenbrandt, Ph.D.
>
>***
>Anders Edenbrandt
>AU-System Radio AB
>SE-223 70  Lund, SWEDEN
>Phone: +46-46-286 32 36, Fax: +46-46-286 56 20
>Mobile: +46- 705-37 32 36
>mailto:Anders.Edenbrandt@radio.ausys.se , http://www.ausys.se
Received on Saturday, 11 September 1999 03:38:19 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:33 EDT