WSDL 2.0 URI templates from Jonathan Marsh on 2007-02-23 (uri@w3.org from February 2007)

From: Jonathan Marsh <jonathan@wso2.com>
Date: Thu, 22 Feb 2007 21:07:41 -0800
To: <uri@w3.org>
Message-ID: <000101c75708$8ff40f80$1501010a@DELLICIOUS>
I read the current thread about URI Templates with interest, as we're
struggling with some similar issues in WSDL 2.0, namely when to escape data
inserted into the template.  The mechanism we have now is roughly:

 

1)      The WSDL whttp:location attribute is a relative IRI template - that
is it can contain instances of:

a.      {element} where element is the name of an element in the instance
XML data (constrained formats only).  The template is replaced by the data,
appropriately encoded (see below).

b.      {!element} similarly, but the data is not encoded.

c.      The escaping mechanisms {{ and }} allow { and } respectively to
appear.

d.      Depending upon the media type of the ultimate request and some
additional syntactical control (whttp:locationIgnoreUncited), extra XML data
elements may be added automatically as query parameters.  The character used
to separate these automatically-added query parameters is also controllable
(whttp:queryParameterSeparator attribute).

e.      The resulting relative IRI is absolutized against a base (the
endpoint address).

f.        The full IRI is then converted to a URI using the IRI-sanctioned
mechanism.  Note that some additional ascii-range character escaping SHOULD
be performed, i.e. {},<>, and spaces.

g.      The resulting URI is used in the HTTP request.

2)      Escaping is somewhat involved, and where our latest issues have
arisen.  We are also trying to strike a balance between usefulness and
trying to prevent users from hanging themselves in all cases.  To date the
encoding changes slightly based on the context:

a.      Prior to a ? in the (relative) location template, characters outside
the rfc 3986 pchar production in the data are escaped.

b.      After a ? or # in the (relative) location template, characters
outside the rfc 3986 query production (pchar + "/" and "?", are encoded.
The query parameter separator is also encoded, so it won't conflict with the
query parameter syntax.  Automatically generated parameters are also encoded
in this way.

 

One issue we still are examining is whether to limit the query parameter
separator (currently any one character) to those characters that would not
be encoded (pchar minus %).  Or even simply to & or ;, as those seem to be
the only reasonably wide conventions for query parameter separators.

 

Another issue is whether we've made the right choices wrt encoding - we've
optimized for generating path segments, query parameters, or entire paths or
uris.  But as you can see that has led us to a certain level of complexity.

 

Any feedback or opinions you might have about this mechanism would indeed be
appreciated.  The most relevant part of the spec is at [1].

 

[1]
http://dev.w3.org/cvsweb/~checkout~/2002/ws/desc/wsdl20/wsdl20-adjuncts.html
?content-type=text/html;%20charset=utf-8#_http_operation_location_cited_ser

 

 

Jonathan Marsh -  <http://www.wso2.com> http://www.wso2.com -
<http://auburnmarshes.spaces.live.com> http://auburnmarshes.spaces.live.com
Received on Friday, 23 February 2007 05:07:55 UTC