- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Sat, 13 Oct 2001 02:08:43 +0200
- To: Tim Bagot <tsb-w3-validator-0006@earth.li>
- Cc: "www-validator@w3.org" <www-validator@w3.org>, uri@w3.org
* Tim Bagot wrote:
>At 2001-10-12T00:42+0200, Bjoern Hoehrmann wrote:-
>
>> RFC 2396 requires checklink to do as it does, looking for
>> http://www.foo.com/../images/image.gif is the only accurate thing to do.
>
>Not quite:-
>
> g) If the resulting buffer string still begins with one or more
> complete path segments of "..", then the reference is
> considered to be in error. Implementations may handle this
> error by retaining these components in the resolved path (i.e.,
> treating them as part of the final URI), by removing them from
> the resolved path (i.e., discarding relative levels above the
> root), or by avoiding traversal of the reference.
>
>For checklink I would favour the third option, with an appropriate error
>message.
Hm, checklink relies on URI.pm, which actually implements RFC 1808:
[...]
Similarly, parsers must avoid treating "." and ".." as special when
they are not complete components of a relative path.
/./g = <URL:http://a/./g>
/../g = <URL:http://a/../g>
[...]
Note that I may create '..' paths, thus http://www.example.org/../ may
actually point to some other resource than http://www.example.org/ I
can't see anything in RFC 2396 that states such URIs are invalid, I'm
not sure if this is what I should read out of 'considered to be in
error'. How would I then create URIs to such resources? Using %2E%2E
wouldn't work either, would it?
--
Björn Höhrmann { mailto:bjoern@hoehrmann.de } http://www.bjoernsworld.de
am Badedeich 7 } Telefon: +49(0)4667/981028 { http://bjoern.hoehrmann.de
25899 Dagebüll { PGP Pub. KeyID: 0xA4357E78 } http://www.learn.to/quote/
Received on Friday, 12 October 2001 20:09:49 UTC