W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2007

Re: Semantic meaning of double quotation marks delimiting quoted-string

From: Geoffrey Sneddon <foolistbar@googlemail.com>
Date: Mon, 29 Oct 2007 18:37:04 +0000
Message-Id: <3FA8CD61-C06B-4D70-AC7C-55517BC8BAFA@googlemail.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, ietf-http-wg@w3.org
To: Henrik Nordstrom <henrik@henriknordstrom.net>


On 29 Oct 2007, at 02:06, Henrik Nordstrom wrote:

> To compare two quoted-string elements you need to dequote them  
> including
> removing escapes, but in practice it doesn't matter much as people are
> not usually escaping things within quoted-string unless needed (but
> sometimes forget when needed, partly due to poor specifications,  
> already
> fixed).
>
> This is quite notable in for example Digest authentication where  
> proper
> handling of quoted-string is required for the hashes to compute  
> properly
> as they are based on the value as such and not the quoted-string
> representation. (i.e a login name with " or \ in it..)
>
> It's in theory also needed for ETag processing, but it's less  
> noticeable
> as impacts on the protocol of getting this wrong is pretty minimal.

Can we put something like the above quotation into the spec, so it is  
actually spelt out somewhere (as it currently isn't, at all)?

All the best,

Geoffrey Sneddon.
Received on Monday, 29 October 2007 18:37:28 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:23 GMT