- From: Adam Barth <w3c@adambarth.com>
- Date: Thu, 24 Mar 2011 21:22:13 -0700
- To: "=JeffH" <Jeff.Hodges@kingsmountain.com>
- Cc: W3C Web Security Interest Group <public-web-security@w3.org>
Just a quick response to one of your points. On Wed, Mar 23, 2011 at 4:55 PM, =JeffH <Jeff.Hodges@kingsmountain.com> wrote: > 4. Grammar issues/comments: > > The text in S3.4.1 indicates that a "host" can be null, but.. > > host = [ "*." ] 1*host-char *( "." 1*host-char ) > / "*" > > ..should first "1*host-char" be " *host-char " ? ie can "host" be null ? > > ah --- the nullness is in the source production... > > source = scheme ":" > / ( [ scheme "://" ] host [ port ] ) > / "'self'" > ; <scheme> production from RFC 3986 > > ..in that source can have just a " scheme: ". > > > Port also can't be null on its own.. > > port = ":" ( 1*DIGIT / "*" ) > > > These could be re-written so that their being null is a property of those > productions themselves rather than a property of the source production - > this might be more clear. > > Unless there's some subtle advantage to having the grammar as presently > specified that I'm missing? There's a problem with ambiguity if we let these fields be null unto themselves: a: is that a scheme without a host or a host without a port? Host could possibly be nullable unto itself, but that would be pretty non-sensical: http://:8080 Adam
Received on Friday, 25 March 2011 04:23:18 UTC