Re: [whatwg/url] Fix: allow percent encoded code points in the non-special URLs host (#218) from Rimas on 2017-02-07 (public-webapps-github@w3.org from February 2017)

From: Rimas <notifications@github.com>
Date: Tue, 07 Feb 2017 02:53:25 -0800
To: whatwg/url <url@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/url/pull/218/c277964618@github.com>

I further investigate this problem and I think a very basic IPv6 check can help here (change [URL-host parser](https://url.spec.whatwg.org/#concept-url-host-parser) 2 step to):

2. If <var>input</var> starts with "[" and ends with "]", then if <var>input</var> between "[" and "]" contais a [forbidden host code point](https://url.spec.whatwg.org/#forbidden-host-code-point) excluding ":", syntax violation, return failure.
3. Otherwise, if <var>input</var> contains a [forbidden host code point](https://url.spec.whatwg.org/#forbidden-host-code-point) excluding "%", syntax violation, return failure. 

This disallows such weird URLs: `non-special://[:80` or `non-special://]`

And term <dfn>"forbidden opaque host code point"</dfn> (304f0ae21880634842fff05bbcf9b03975a4344) will not be required anymore.

If you agree, I can prepare a new commit.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/url/pull/218#issuecomment-277964618

Received on Tuesday, 7 February 2017 10:53:57 UTC