[whatwg/url] Disallow all C0 control and DEL codepoints in hosts (PR #673) from Alwin Blok on 2021-11-22 (public-webapps-github@w3.org from November 2021)

From: Alwin Blok <notifications@github.com>
Date: Mon, 22 Nov 2021 05:03:12 -0800
To: whatwg/url <url@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/url/pull/673@github.com>

A first pass at fixing #627 and #319

- [X] At least two implementers are interested (and none opposed):
   * Safari
   * Chrome already implement this behaviour
- [ ] [Tests](https://github.com/web-platform-tests/wpt) are written and can be reviewed and commented upon at:
   * …
- [ ] [Implementation bugs](https://github.com/whatwg/meta/blob/main/MAINTAINERS.md#handling-pull-requests) are filed:
   * Chrome: …
   * Firefox: …
   * Safari: …

* * *
This adds the C0 controls and delete to the forbidden host codepoints, as discussed in #627.
It also adapts the opaque-host-parser to percent-encode rather than fail on these code points. 

For this I added an **opaque-host percent encode set** that refers to the forbidden host codepoints. 
Please review. 
You can view, comment on, or merge this pull request online at:

  https://github.com/whatwg/url/pull/673


-- Commit Summary --

  * Disallow all C0 control and DEL codepoints in hosts

-- File Changes --

    M url.bs (17)

-- Patch Links --

https://github.com/whatwg/url/pull/673.patch

https://github.com/whatwg/url/pull/673.diff


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/url/pull/673

Received on Monday, 22 November 2021 13:03:24 UTC