W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2008

Re: punctuation and path names

From: Werner Baumann <werner.baumann@onlinehome.de>
Date: Wed, 28 May 2008 11:17:23 +0200
Message-ID: <483D2323.8050204@onlinehome.de>
To: w3c-dist-auth@w3.org

There is still a problem with the approach taken by davfs2.

Within HTTP, "on the wire", URLs must be %-encoded as mentioned by Tim. 
A "/" within a path-segment will be represented by "%2f". But when used 
as path-separator, "/" must *not* be encoded. At some point a  client 
will have to decode the URL-path-component. davfs2 stores the URL-path 
in its decoded form and encodes it again when used in a request.

But in this case, it can not distinguish between "/" as path-separator 
and "/" within a path-segment. So you better store the URL-path in its 
%-encoded form as received from the server. You still have to check for 
trailing-slash-errors (I had a report about a server that does not 
accept URLs when send exactly as received from the server, because it 
mixed up the trailing-slash-rules).

Very strange:
I just tested with Windows2000 and WindowsServer2003. Both of them did 
*not* allow to create file-names containing a "/"-character. Did 
Microsoft change this good policy to the bad in XP?

"/" is the path-separator in HTTP. As today everything can end up in the 
  World Wide Web, "/"-characters in file-names should always be rejected.

Werner
Received on Wednesday, 28 May 2008 09:42:05 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:16 GMT