Re: partial URLs ? (was <p> ... </p>)

On Wed 20 Dec, 1995, Jon Wallis <j.wallis@wlv.ac.uk> wrote:
>At 13:19 19/12/95 -0600, BearHeart/Bill Weinman wrote:
>>
>>   The problem with the parial URLs may be the "../" references. 
>>
>>   Some servers, and perhaps some browsers too, disallow them because 
>>they've been abused to get around security measures. 
>
>That really shouldn't be a problem if the system is set up right - but since
>so many systems are poorly set up in terms of security  I can believe it.
>
>However, it doesn't make sense to stop a browser using relative URLs, since
>the browser on its own can't pose a security threat.  Also, not being able

Indeed. The spec specifies that relative/partial urls will work, and
the valid forms. (You can do "./" rather than having to use "index.html"
or other uglyness, for example).

Servers do indeed drop '..' parts so that someone can't try
and reference a document outside the 'document tree'. That's only wise.

A browser not implementing relative URLs is broken.

-- jrg.

Received on Wednesday, 20 December 1995 06:38:19 UTC