W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2009

Re: Issue 194: restricting allowed characters in quoted-pair

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 16 Sep 2009 15:08:46 +0200
Message-ID: <4AB0E35E.5050707@gmx.de>
To: Mark Nottingham <mnot@mnot.net>
CC: "Roy T. Fielding" <fielding@gbiv.com>, HTTP Working Group <ietf-http-wg@w3.org>
Mark Nottingham wrote:
> So, strict BNF with a note in prose that old implementations may quote 
> other characters? Works for me.
> ...

Not convinced yet.

1) This seems to be inconsistent with how we treated other cases, such 
as when we introduced BWS ("bad whitespace") as grammar production.

2) We currently use quoted-pair both for quoted strings and comments. So 
this would need to change, and both would have to exclude different 
characters.

3) In my experience as programmer, un-escaping usually treats all 
escaped characters the same way.

4) Also, there's a chance that producers currently use a single 
escaping/quoting implementation both for comments and quoted-string, 
which would then escape '(', ')', '\' and '"'.

Thus, my proposal is to just disallow escapes, and warn about anything 
else in prose.

BR, Julian
Received on Wednesday, 16 September 2009 13:11:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:10 GMT