httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@ebuilt.com>
Subject Re: escaping/unescaping nits
Date Sat, 24 Feb 2001 01:46:54 GMT
> > > i admit, rfc2396 doesn't allow hostname escaping.
> > 
> > I expect that there will be hundreds of pieces of software that will
> > puke on i18n hostnames.  It's a lame idea to begin with, but some people
> > just have that i18n bug so far up their ass that no amount of reason
> > will set them straight.
> 
> Agreed it will take the next 10 years to adopt - if it is adopted.  But I
> find your later comment amusingly colonial.

I believe it is more important for all Internet sites to be transcribable
from bar napkins by all Internet users than it is that every language have
their own version of www.mybutthurts.com displayed in localized script.
ASCII, for all its faults, is the only international character set that
can actually be transcribed on all computer keyboards (or their software
equivalent).  Until that changes, it is foolish to localize identifiers,
even if it does give people the warm fuzzies to free the oppressed
non-English speaking people of the world.

> > It think we should do the unescape, but more so because it might lead
> > to a security problem than because I think i18n dns will be deployed.
> > 
> > OTOH, I'd be just as happy to simply reject with 403 any hostname
> > that contains a %.
> 
> We have been down that path.  And proved that it was a huge mistake.
> If you disagree, search for the number of bug reports that had to be
> closed because folks didn't read the docs.

I didn't say it would make the users just as happy.  ;-)

....Roy

Mime
View raw message