Re: partial URLs ? (was <p> ... </p>)

William C. Cheng (
Wed, 20 Dec 1995 23:02:58 -0500

Message-Id: <>
Subject: Re: partial URLs ? (was <p> ... </p>) 
In-Reply-To: Your message of "Wed, 20 Dec 1995 19:59:18 CST."
Date: Wed, 20 Dec 1995 23:02:58 -0500
From: "William C. Cheng" <>

John Franks <> wrote:
> As I recall the draft RFC for URL's specifies that certain characters
> (like space) are forbidden, certain (like '?') have special meaning
> and otherwise the "path" part of a URL is an opaque string (which, in
> particular, may have nothing to do with a path).  Neither '/' nor '.'
> are forbidden or have special meaning.  They do have special meaning
> *for some implementations* and no special meaning for others.
> Likewise the colon may have special meaning for some implementations
> and not for others.
> The fact that certain strings may represent securtity risks for
> some implementations does not automatically make them illegal.
> I don't believe that "/../" is forbidden in HTTP URL's.  If
> I am wrong I would be interested in a reference. 
> It would, of course, be quite reasonable for the HTTP spec to have
> a UNIX-centric warning to implementors that they should make this
> string illegal for their implementation (or risk the consequences).

It seems to be true that "/../" is not forbidden explicitely.  Now,
can anyone give me an example where http://foo/b/../bar.html and
http://foo/bar.html should _not_ be interpreted the same way?  Forget
about the UNIX-centric business (we all know where DOS gets its "\"
and Mac gets its ":") because all these systems basically have
hierarchical file systems.  So the real question is whether a "/"
separator in an URL implies a level change in a hierarchy.
Bill Cheng // Guest at Columbia Unversity Computer Science Department
william@CS.COLUMBIA.EDU      ...!{uunet|ucbvax}!!william
WWW Home Page: <URL:>