- From: Chris Drake <christopher@pobox.com>
- Date: Tue, 26 Sep 2006 07:47:12 +1000
- To: Lisa Dusseault <lisa@osafoundation.org>
- CC: Martin Duerst <duerst@it.aoyama.ac.jp>, HTTP authentication list <ietf-http-auth@osafoundation.org>, HTTP Working Group <ietf-http-wg@w3.org>
Hi, Do not the HTTP headers from the browser already say what character encoding has been used, and do not the HTTP headers and HTML from the server beforehand dictate this stuff too? Except for the case where someone is trying to type foreign characters on a PC which can't understand them (eg: holidaymakers at net cafes where the net cafe has not installed the language they want to use) - everything should already be working just fine, yes? Kind Regards, Chris Drake Tuesday, September 26, 2006, 4:31:13 AM, you wrote: LD> I agree it would be good to update RFC2617. Is anybody going to take LD> a stab at it? LD> Lisa LD> On Sep 22, 2006, at 7:55 PM, Martin Duerst wrote: >> Many thanks to Bjoern for the detailed checking and report. >> >> My summary of the situation would be as follows: >> There is currently widely varying practice. Current implementations >> are anyways broken and non-interoperable. The main reason for this >> is most probably that there is no clear specification. This means >> that an update of RFC 2617 is desirable. The new specification >> should probably go for UTF-8, while noting that there is still >> some varying practice. >> >> Regards, Martin. >> >> >> At 01:41 06/09/23, Bjoern Hoehrmann wrote: >>> * Alexey Melnikov wrote: >>>> Does anybody know if updating RFC 2617 to say that username/ >>>> passwords >>>> are UTF-8 would break any major implementation? For example, does >>>> anybody know if a major HTTP client/server implementation assume >>>> ISO 8859-1? >>> >>> It appears that for Basic authentication the german version of >>> Internet >>> Explorer 6 running on the german version of Windows 2003 as well >>> as the >>> latest english Internet Explorer 7 release candidate running on the >>> german version of Windows XP will use something like ISO-8859-1 >>> for both >>> manual as well as XMLHttpRequest requests. Trying to use U+20AC as >>> user >>> name and password they got encoded as 0x80 (Windows-1252) for >>> manual re- >>> quests, and to '?' for XHR. Characters not included in >>> Windows-1252 come >>> out as '?' regardless of the method used. For XHR my test cases >>> include >>> documents encoded as ISO-8859-1 and UTF-8; there did not appear to be >>> any difference. >>> >>> The latest en-us version of Firefox uses UTF-8 for XHR and the lower >>> byte of the character when encoded using UTF-16BE (so for U+20AC you >>> get 0xAC) when using manual input. For manually entered http:// >>> u:p@... >>> URLs Firefox uses Windows-1252 if possible, UTF-8 otherwise. When XHR >>> is used with such a URL, it uses UTF-8. The latest en-us version of >>> Opera9 always uses UTF-8, as far as I can tell based on my limited >>> testing. Results might well be different on with different default >>> code >>> pages, language settings, and so on. Note that the illegal http:// >>> u:p@.. >>> addressing scheme allows to use arbitrary octet sequences using %hh >>> escape sequences, with some browser-specific limitations. >>> -- >>> Bj?n H?rmann ? mailto:bjoern@hoehrmann.de ? http:// >>> bjoern.hoehrmann.de >>> Weinh. Str. 22 ? Telefon: +49(0)621/4309674 ? http:// >>> www.bjoernsworld.de >>> 68309 Mannheim ? PGP Pub. KeyID: 0xA4357E78 ? http:// >>> www.websitedev.de/ >>> _______________________________________________ >>> Ietf-http-auth mailing list >>> Ietf-http-auth@osafoundation.org >>> http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http- >>> auth >> >> >> #-#-# Martin J. Du"rst, Assoc. Professor, Aoyama Gakuin University >> #-#-# http://www.sw.it.aoyama.ac.jp >> mailto:duerst@it.aoyama.ac.jp >> >> _______________________________________________ >> Ietf-http-auth mailing list >> Ietf-http-auth@osafoundation.org >> http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http-auth LD> _______________________________________________ LD> Ietf-http-auth mailing list LD> Ietf-http-auth@osafoundation.org LD> http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http-auth
Received on Monday, 25 September 2006 21:47:43 UTC