- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Wed, 7 May 2014 11:59:38 +0100
- To: Joshua Cranmer <Pidgeot18@verizon.net>
- Cc: whatwg <whatwg@lists.whatwg.org>
On Wed, May 7, 2014 at 6:42 AM, Joshua Cranmer <Pidgeot18@verizon.net> wrote: > One thing I've noticed is that the specification currently aggressively > fails IPv6 address matching, so, e.g., new URL("http://[::1::]") would fail. Yes. That is based on what RFC 3986 did and browsers implemented. > (Although it allows http://[1:2:3:4:5:6::8]/ to go through whereas RFC 5952 > advises that ":: MUST NOT be used to shorten just one 16-bit 0 field.") Note that advice on best text representation is not parser advice. > However, it doesn't apply this same logic to IPv4: new URL("http://192/") is > parsed as a perfectly valid URL. Is this intentional? IPv4 is a domain that happens to match a certain pattern. There's nothing much that prevents 192 from being registered and being looked up through DNS. The distinction between IPv4 and domain starts mattering in the network layer, presumably during DNS lookup. (Note that what some browsers currently support as IPv4 addresses in URLs is a bug, maybe even a security bug of sorts. Things like http://0x12/ should not become http://0.0.0.18/ and the URL Standard forbids it.) -- http://annevankesteren.nl/
Received on Wednesday, 7 May 2014 11:00:04 UTC