httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@liege.ICS.UCI.EDU>
Subject Re: mod_proxy changes
Date Sat, 01 Jun 1996 05:42:01 GMT
>> > Why not? If the canonicalization is not determined how can its use be
>> > sanctioned in a proxy?
>> 
>> Because it should be determined -- it just isn't in practice.
> 
> Shouldn't 1.1 take the opportunity to fix this?

It can't.  URL syntax is governed by the server, and the only way to
fix it is to fix all servers such that they cannot use unreserved
characters in a reserved way.  In other words, fix all CGI scripts.

>> Yes, but it makes the proxy look broken and the proxy gets blamed.
>> It just works better if it is done as spec'd rather than assuming
>> that it is safe to canonicalize.  In general, an IETF spec tries to
>> specify those things that "just work better", in addition to the 
>> minimal requirements.
> 
> If browsers where required to canonicalize, as I suggested earlier, then any
> non-canonical request could be rejected by both proxies and servers - thus
> clearly planting the blame on the browser in all cases. And, incidentally,
> making the whole situation clearer.

Nope, the blame rests solely with the origin server and the dufus
that is doing things like http://site/[cookie]/ain't/I/neat 
for session tracking without realizing that there is no guarantee
that [] will go through unchanged.

....Roy

Mime
View raw message