Re: Ambiguity of Allowed/Recommended URI Syntax and Escaping

On Monday, November 18, 2002, at 01:02  AM, Roy T. Fielding wrote:

> The specification requires things that are necessary for 
> interoperability,
> and suggests things that are desirable for good practice/robustness.
> None of the issues you mentioned are necessary for interoperability,
> and in fact you will find that implementations don't care one way or
> the other.  That is why "?" in query is reserved instead of disallowed,
> since it is more robust for parsers to expect it to be present (and
> treat it as data) rather than not expect it and think of it as an 
> error.
> URI generators, OTOH, are encouraged to use such characters only when
> they are used according to a reserved purpose, which in the case of
> "?" inside a query means never.  That is not a contradiction, and
> certainly isn't ambiguous, since the specification both defines
> parsing and makes recommendations to URI generators.

The specification says:

 >>>

Within a query component, the characters ";", "/", "?", ":", "@",
    "&", "=", "+", ",", and "$" are reserved.

<<<

Under what situations is it encouraged that a URI generated escape 
those reserved characters in the query?

For example, given the URI

http://www.example.com/redir?uri=http://www.example.com/someplace/else/

is it suggested that the : and / be escaped for good 
practice/robustness? According to the spec, is it valid for them to be 
left un-escaped?

(I apologize if the questions seem elementary, but I want to make sure 
I understand both what the spec says, and what you have added above.)

(In the context of the query, what is the meaning of the reserved 
purpose? The usual reserved purpose of / is as a hierarchy separator, 
and when used as data in the query part it is no longer a hierarchy 
separator, correct?)

Thanks,
Jim

Received on Monday, 18 November 2002 01:54:47 UTC