- From: Anne van Kesteren <annevk@opera.com>
- Date: Thu, 29 Mar 2007 17:11:11 +0200
- To: "WAF WG (public)" <public-appformats@w3.org>
Latest draft: http://dev.w3.org/cvsweb/~checkout~/2006/waf/access-control/Overview.html?content-type=text/html;%20charset=utf-8 The current production for an access item is as follows: access-item ::= scheme "://" domain-pattern ( ":" port )? | "*" domain-pattern ::= subdomain | "*." subdomain When port is omitted it defaults to the default port for the scheme being used. It has been proposed to allow people to wildcard scheme and port as you're likely in control the completely domain. This would allow: *://example.org:* for instance. But not: example.org The problem is that wilcarding them no longer allows port to default to the scheme being used in a case like: *://example.org Maybe we should do away with the port defaulting though. How do people feel about that? If you omit port or scheme it would match regardless of the port or scheme used by the request URL (for those parts). So scheme and port would default to being wildcarded when omitted in a way. This would allow: example.org http://example.org example.org:80 And disallow: *://example.org example.org:* This approach is probably the simplest way of dealing with it. The new syntax for access item would become: access-item ::= ( scheme "://" )? domain-pattern ( ":" port )? | "*" domain-pattern ::= subdomain | "*." subdomain -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Thursday, 29 March 2007 15:11:38 UTC