- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Tue, 23 Dec 2014 10:20:56 +0100
- To: "Martin J. Dürst" <duerst@it.aoyama.ac.jp>, Sam Ruby <rubys@intertwingly.net>, Bjoern Hoehrmann <derhoermi@gmx.net>
- CC: "public-ietf-w3c@w3.org" <public-ietf-w3c@w3.org>
On 2014-12-23 08:56, "Martin J. Dürst" wrote: > On 2014/12/23 15:59, "Martin J. Dürst" wrote: > >>>>> That is indeed a regular expression. I'll even grant that it seems >>>>> likely to handle valid URIs correctly. My concern is that it also >>>>> processes a large number of invalid URIs, for example: >>>>> "http://192.168.0.257" > >>> I base my assertion that this is not a valid URI based on the following >>> quote from RFC 3986: >>> >>> IPv4address = dec-octet "." dec-octet "." dec-octet "." dec-octet >>> >>> dec-octet = DIGIT ; 0-9 >>> / %x31-39 DIGIT ; 10-99 >>> / "1" 2DIGIT ; 100-199 >>> / "2" %x30-34 DIGIT ; 200-249 >>> / "25" %x30-35 ; 250-255 >>> >>> Do you come to a different conclusion? >> >> No, of course not. The '7' in '257' doesn't match %x30-35. > > Just for the record: > Björn was correct that this matches the reg-name production. Yep. That being said: I'm not a big fan of putting too much detail into the ABNF. I believe it makes more sense to use the ABNF for the rough syntax only, and to specify additional constraints in prose. This case is an example for how it can be confusing. Best regards, Julian
Received on Tuesday, 23 December 2014 09:21:38 UTC