- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Fri, 26 May 2023 07:09:46 +0200
- To: ietf-http-wg@w3.org
On 26.05.2023 00:38, Mark Nottingham wrote: > Hi Roy, > >> On 26 May 2023, at 3:21 am, Roy T. Fielding <fielding@gbiv.com> wrote: >> >> I think (b) is unnecessary given that HTTP is 8-bit clean for UTF-8 >> and we are specifically talking about new fields for which there >> are no deployed parsers. Yes, I know what it says in RFC 9110. > > Yes, the parsers may be new, but in some contexts, they may not have access to the raw bytes of the field value. Many HTTP libraries and abstractions (e.g., CGI) assume an encoding and expose strings; some of those may apply the advice that HTTP has documented for many years and assume ISO-8859-1. > ... FWIW, components that actually do assume that are safe, because in ISO-8850-1, every octet of the field value is mapped to a single character in the string, and that conversion can be undo without loss. Best regards, Julian
Received on Friday, 26 May 2023 05:09:54 UTC