- From: Rimas <notifications@github.com>
- Date: Mon, 30 Jan 2017 05:39:47 -0800
- To: whatwg/url <url@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 30 January 2017 13:40:22 UTC
I agree, it makes sense not to decode. Then more code points can be removed from forbidden list: - We don't needed to check these because: U+0009, U+000A and U+000D are removed by [basic URL parser](https://url.spec.whatwg.org/#concept-basic-url-parser) in step 3 "<code>#</code>", "<code>/</code>" and "<code>?</code>" are stop code points in [host state](https://url.spec.whatwg.org/#host-state) - Maybe enable IPv6: "<code>[</code>", "<code>:</code>", "<code>]</code>" ([host state](https://url.spec.whatwg.org/#host-state) guarantees that "<code>:</code>" appears only between "<code>[</code>" and "<code>]</code>") Now forbidden list for opaque hosts can be as short as: U+0000, U+0020, "<code>\\</code>", "<code>@</code>" -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/url/pull/218#issuecomment-276064668
Received on Monday, 30 January 2017 13:40:22 UTC