Re: partial URLs ? (was <p> ... </p>) from Chuck Shotton on 1995-12-21 (ietf-http-wg@w3.org from October to December 1995)

From: Chuck Shotton <cshotton@biap.com>
Date: Wed, 20 Dec 1995 20:52:44 -0600
To: John Franks <john@math.nwu.edu>, Arjun Ray <aray@pipeline.com>
Cc: connolly@beach.w3.org, j.wallis@wlv.ac.uk, BearHeart@bearnet.com, www-html@w3.org, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <v02130517acfe7b6074b3@[198.64.246.22]>

>As I recall the draft RFC for URL's specifies that certain characters
>(like space) are forbidden, certain (like '?') have special meaning
>and otherwise the "path" part of a URL is an opaque string (which, in
>particular, may have nothing to do with a path).  Neither '/' nor '.'
>are forbidden or have special meaning.

In the original URL draft spec, "/" denoted hierarcy within containers,
while ".." referenced the parent container. They were very careful to note
that there was no implicit semantic interpretation with respect to a file
system, Unix or otherwise. Whether or not the interpretation of "/" and
".." is the same in the current RFC or not, I can't say. But I can tell you
that there are enough clients and servers built upon the assumption that
"/" denotes hierarchy that removing this specificity will break lots of
stuff.

>They do have special meaning
>*for some implementations* and no special meaning for others.
>Likewise the colon may have special meaning for some implementations
>and not for others.

Beyond the set of chars above ("/","..", "?") you are right. The path
portion of a URL is generally considered to be opaque to all but the
implementing server, with the semantic exception that "/" denotes
hierarchy.

>The fact that certain strings may represent securtity risks for
>some implementations does not automatically make them illegal.
>I don't believe that "/../" is forbidden in HTTP URL's.  If
>I am wrong I would be interested in a reference.

This references the container of the root of your document tree, whatever
that means.

>It would, of course, be quite reasonable for the HTTP spec to have
>a UNIX-centric warning to implementors that they should make this
>string illegal for their implementation (or risk the consequences).

And by the same token, a warning that URL paths are not file system paths,
regardless of the one to one mapping in many servers.

--_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Chuck Shotton                               StarNine Technologies, Inc.
chuck@starnine.com                             http://www.starnine.com/
cshotton@biap.com                                  http://www.biap.com/
                      "What? Me? WebSTAR?"

Received on Wednesday, 20 December 1995 18:56:05 UTC