Re: [whatwg/url] Forbidden host code points should include all C0 controls & U+007F (#627)

Continuing the discussion here; maybe I was too quick to do a PR. 

FWIW. I really dislike the idea of failing on a different set of codepoints in opaque-hosts than in domains. 
It would introduce an inconsistency for no good reason. 

My understanding of the argument for doing that, is that otherwise the standard fails on more inputs than before, where Chrome, Firefox and other implementations do not fail.

Βut the argument to not include the controls applies to the other code points as well. 
Firefox and Chrome parse opaque hosts as a path component and they do not fail on any codepoint.

I can see no reason for failing on the exact current set of forbidden-host-codepoints in opaque-hosts, other than to maintain consistency with domains, but that consistency then will be broken.

I do think turning to percent-encoding of opaque hosts is a good solution, and it affects the same few lines in the standard. 


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/url/issues/627#issuecomment-980997667

Received on Sunday, 28 November 2021 08:27:18 UTC