- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Thu, 29 Jun 2023 09:19:42 +0000
- To: Ilari Liusvaara <ilariliusvaara@welho.com>
- cc: HTTP Working Group <ietf-http-wg@w3.org>
-------- Ilari Liusvaara writes: > 2) I think it should be specified that any direction change characters > MUST NOT affect any text surrounding the displayed string. At least > getting this wrong causes at most some screwed up text rendering. There is no way to make UniCode safe, because it is anyones guess what UniCode decides to add later. I dont think it makes any sense for us to wade into that sump, beyond a sternly written "Security Considerations" which says that UniCode is by definition unsafe. Avoiding any and all hazards related to that /at the HTTP level/, is why I still think we should base64 encode them, instead of the mutant percent-with-the-random-backslash-thrown-in currently proposed. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 29 June 2023 09:19:51 UTC