W3C home > Mailing lists > Public > uri@w3.org > August 2004

Re: Helping out with canonicalization of URIs

From: Sam Ruby <rubys@intertwingly.net>
Date: Mon, 09 Aug 2004 14:45:50 -0400
Message-ID: <4117C65E.9010704@intertwingly.net>
CC: uri@w3.org, Atom WG <atom-syntax@imc.org>

Roy T. Fielding wrote:
> On Monday, August 9, 2004, at 08:39  AM, Graham Klyne wrote:
>> At 08:54 09/08/04 -0400, Sam Ruby wrote:
>>>   http://:@example.com/
>> I'd say that's different from http://example.com/, in that it contains 
>> empty username/password values, which the latter does not.  For 
>> example, following the exhortation not to expose passwords, my 
>> software would (by default) display this as:
>>   http://:********@example.com/
>> whereas the other would be displayed unchanged.
>> (I'm not claiming this is a *useful* distinction, but lacking any text 
>> that says a null username/password is the same as having no 
>> username/password, I'd say that it does exist.)
> Yes, and it is a useful distinction because it defines how the user
> agent should respond to an initial authentication request, whereas
> without the colon the user agent is not supposed to try authenticating
> on its own.

A follow up question then, how about:


> Right, the only thing it might make sense to add is a bullet explicitly
> restating what is already said about an empty port in 6.2.3.  However,
> this is not a conformance issue since all normalization is optional.

I would find it to be helpful if a simple statement that empty 
fragments, queries, passwords (or possibly userinfo) are to be preserved 
by canonicalization.

- Sam Ruby
Received on Monday, 9 August 2004 18:45:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:25:08 UTC