Re: Permitted characters for http keys

Could we get away with redefining this as simply...

    "-" / "." / "_"  / DIGIT / ALPHA

With an 8-bit length restriction? (That is, length represent by a single
unsigned byte)

Given all evidence of current practice, these constraints appear quite
reasonable.
 On Feb 25, 2013 2:36 AM, "Mark Nottingham" <mnot@mnot.net> wrote:

> Right now, the syntax is:
>
>   header-field   = field-name ":" OWS field-value BWS
>   field-name     = token
>   token          = 1*tchar
>   tchar          = "!" / "#" / "$" / "%" / "&" / "'" / "*"
>                     / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
>                     / DIGIT / ALPHA ; any VCHAR, except special
>
>
>
> On 25/02/2013, at 7:57 PM, Martin J. Dürst <duerst@it.aoyama.ac.jp> wrote:
>
> > Hello Roberto,
> >
> > What do you mean with "header key"? Do you mean header field names? E.g.
> the "Host" in the host header (field), and so on?
> >
> > In that case, I agree. Please note that [RFC5322] allows all US-ASCII
> printable characters except ":" in optional header field names (Section
> 3.6.8). I had to learn this (and the "header field", "header field
> name",... terminology) while working on RFC 6068.
> >
> > I'm not sure this also applies to HTTP, but it may as well do so. Of
> course, a header field name like "^$&%*@(!]" really makes no sense at all,
> but that's a separate issue.
> >
> > Regards,   Martin.
> >
> > On 2013/02/20 5:45, Roberto Peon wrote:
> >> Right now I believe we allow a wider encoding for HTTP keys than is
> >> necessary.
> >>
> >> Does anyone know of any non-crazy use for character values>  127 in the
> >> header keys (because I really can't think of any)?
> >>
> >> -=R
> >>
> >
>
> --
> Mark Nottingham   http://www.mnot.net/
>
>
>
>
>

Received on Monday, 25 February 2013 15:59:14 UTC