Re: [whatwg/url] Forbidden host code points should include all C0 controls & U+007F (#627)

+1 to all of:

- Expanding forbidden host code-points for domains. 
   It's strange that we allow as many characters as we do (like `!`, `$`, `(` and `)`), but I appreciate that web compatibility sometimes means allowing strange things 😄 

- Splitting forbidden host code-points for domains and opaque hosts. 
   The standard says "Typically a host serves as a network address, but it is sometimes used as opaque identifier in URLs where a network address is not necessary." It seems wrong to artificially limit what those opaque identifiers may contain and require that users accurately percent-encode them, even when they're not ambiguous.

- (Making the hostname setter more lenient. Not part of this issue, but @alwinb mentioned it and I support it).
   Typically, the setters will percent-encode forbidden characters for you. `hostname` stands alone in being far stricter and requiring the new value is perfectly encoded, else the operation fails. Since this is exposed in the JavaScript API, we could be more consistent and lenient and just do what the developer clearly intended by invoking the setter with a given value.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/url/issues/627#issuecomment-972523744

Received on Thursday, 18 November 2021 04:18:02 UTC