Leaving out scripts (Re: Unicode versions (Re: Criteria
forexceptional characters))
Martin Duerst
duerst at it.aoyama.ac.jp
Sun Dec 24 10:27:50 CET 2006
At 16:26 06/12/22, Erik van der Poel wrote:
>That's an interesting one. I tried it in both Firefox and IE, and both
>went to Amazon (and failed). I believe the rules say that you parse
>from the double-slash until the single-slash or the end of the URL to
>get the network location, which includes user:password at host:port, but
>http does not officially include the user:password (though some user
>agents support it).
Well, the rules in RFC 3986 (http://www.ietf.org/rfc/rfc3986.txt)
say that userinfo (which includes passwords, although they are
deprecated (see Section 3.2.1), host, and port cannot include
any slashes (unless percent-escaped, in which case they don't hurt).
>Or were you referring to non-ASCII slash look-alikes? I believe Mark
>was talking about pure ASCII.
Yes. In that case, I agree with Erik that Patrick's example
isn't a problem at all.
Regards, Martin.
>Erik
>
>On 12/21/06, Patrik Fテ、ltstrテカm <patrik at frobbit.se> wrote:
>>
>> It is worse with things like:
>>
>> http://amazon.com/foobar/foo@bogus.com/bar >
#-#-# Martin J. Du"rst, Assoc. Professor, Aoyama Gakuin University
#-#-# http://www.sw.it.aoyama.ac.jp mailto:duerst at it.aoyama.ac.jp
More information about the Idna-update
mailing list