- From: Martin J. Dürst <duerst@it.aoyama.ac.jp>
- Date: Fri, 03 Aug 2012 16:59:07 +0900
- To: "Adrien W. de Croy" <adrien@qbik.com>
- CC: James M Snell <jasnell@gmail.com>, Poul-Henning Kamp <phk@phk.freebsd.dk>, Mike Belshe <mike@belshe.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 2012/08/03 14:15, Adrien W. de Croy wrote: > From: "Martin J. Dürst" <duerst@it.aoyama.ac.jp> >> Yes, a '#' or '?' in a path segment and similar stuff still have to be >> %-encoded. > > if we're defining a new binary-safe transport for header values, > shouldn't we try to avoid all multiplexing / escaping and parsing of > strings? > > e.g. just put querystring in another "header" instead. Then anything can > contain '?' Well, yes, but then you might have a '=' or a '&' in an parameter value (hopefully not in a parameter name), and you will have to escape that. And then you could create separate headers (or what not) for each parameter name/value pair, but that would be in conflict with the understanding that the syntax details of query parts are essentially between the client application and the server. > same with fragments (#) although I thought these weren't allowed on the > wire... Yes, the aren't sent. > In fact the concept of a single string which is a URI could be > deprecated for 2.0 and just be sent as individual fields in a request. For some cases, such as chopping off the query part, that might work and be a good idea (e.g. for privacy reasons as Poul-Henning notes in a followup), but in general, it's a slippery slope, and it may be really difficult to get rid of escaping altogether. Regards, Martin.
Received on Friday, 3 August 2012 08:00:18 UTC