W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2005

Re: [Bug 201] LWS allowed in Coded-URL

From: Julian Reschke <julian.reschke@gmx.de>
Date: Tue, 06 Dec 2005 20:10:06 +0100
Message-ID: <4395E20E.7000706@gmx.de>
To: Jim Whitehead <ejw@soe.ucsc.edu>
CC: Lisa Dusseault <lisa@osafoundation.org>, WebDAV WG <w3c-dist-auth@w3.org>

Jim,

I think we do understand what RFC2616 says.

The question is, what are the exceptions in 2518bis that we need to 
state? If it applies to "opaquelocktoken", it also applies to 
"Coded-URL" and "Timeout", right?

Best regards, Julian



Jim Whitehead wrote:
> 
> I think we're covered by this, from 2.2 in RFC 2616:
> 
>    Many HTTP/1.1 header field values consist of words separated by LWS
>    or special characters. These special characters MUST be in a quoted
>    string to be used within a parameter value (as defined in section
>    3.6).
> 
>        token          = 1*<any CHAR except CTLs or separators>
> 
> and, from 2.1:
> 
> implied *LWS
>       The grammar described by this specification is word-based. Except
>       where noted otherwise, linear white space (LWS) can be included
>       between any two adjacent words (token or quoted-string), and
>       between adjacent words and separators, without changing the
>       interpretation of a field. At least one delimiter (LWS and/or
>       separators) MUST exist between any two tokens (for the definition
>       of "token" below), since they would otherwise be interpreted as a
>       single token.
> 
> 
> - Jim
> 
> 
> 
> On Dec 4, 2005, at 8:26 AM, Lisa Dusseault wrote:
> 
>>
>> If I understand correctly, that's not the only place where RFC2616's 
>> LWS rules get us into trouble.
>>
>>    TimeOut = "Timeout" ":" 1#TimeType
>>    TimeType = ("Second-" DAVTimeOutVal | "Infinite")
>>    DAVTimeOutVal = 1*digit
>>
>> Applying the 2616 word-based grammer to those rules, we could have 
>> Timeout headers like
>>
>>   Timeout: Second-               1111
>>
>>   Timeout: Second-1   1   1   1
>>
>> Is my understanding of 2616 BNF grammar correct?  I'm not sure if 
>> 1*DIGIT is one token or several, so it's not entirely clear to me if 
>> the second example is allowed.  Certainly the intent of 2616 is not to 
>> allow that because values like Content-Length are defined as 1*DIGIT.
>>
>> Lisa
>>
>> On Dec 4, 2005, at 1:09 AM, bugzilla@soe.ucsc.edu wrote:
>>
>>> http://ietf.cse.ucsc.edu:8080/bugzilla/show_bug.cgi?id=201
>>>
>>> julian.reschke@greenbytes.de changed:
>>>
>>>            What    |Removed                     |Added
>>> ---------------------------------------------------------------------------- 
>>>
>>>          AssignedTo|julian.reschke@greenbytes.de|lisa@osafoundation.org
>>>
>>>
>>>
>>> ------- Additional Comments From julian.reschke@greenbytes.de  
>>> 2005-12-04 01:09 -------
>>> Explanation:
>>> <http://greenbytes.de/tech/webdav/rfc2616.html#rfc.section.2.1.p.11>
>>>
>>> Suggested change: state that LWS is not allowed here, just like in the
>>> grammar for "opaquelocktoken".
>>>
>>>
>>>
>>> ------- You are receiving this mail because: -------
>>> You are the assignee for the bug, or are watching the assignee.
>>
> 
> 
> 


-- 
<green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760
Received on Tuesday, 6 December 2005 19:12:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:11 GMT