Via header: host ABNF could allow "," #24
Comments
|
@royfielding could you enlighten us as to why 3986 allows such a wide range of characters in reg-name? |
|
Discussed in Basel; inclination is to remove |
|
Restrict the grammar in Via. |
|
Proposal:
received-by would include...?
|
|
The difference between token and VCHAR is: Which ones do we need to allow? |
|
I believe we need to allow the following characters: Missing from VCHAR would be: Does this make sense, @royfielding ? |
|
This one has revealed an unintentional change due to the dependency on RFC2396 host being replaced by the far more permissive reg-name when we updated that to RFC3986. We should have compensated for that in RFC7230, but instead redefined uri-host incorrectly. I think the easiest fix would be to remove uri-host entirely, and simply rely on pseudonym as a sufficient grammar for both. In other words,
|
Change Via to use via-host, disallowing comma (#24)
Reported by [email protected] in https://lists.w3.org/Archives/Public/ietf-http-wg/2016OctDec/0527.html:
I think I found a bug in the specification of the Via header as given
in RFC 7230
notice "," there in sub-delims; this means that comma is a valid
character in a host.
and hence, that using a comma to terminate a host makes no sense
e.g.
Via: 1.0 fred, 1.1 p.example.net
'fred,' is a valid uri-host
In this case, I think we might be saved by the fact that the rest of
the line doesn't match, so 'fred' ends up being a pseudonym rather
than a uri-host.
However, I believe that there might be corner cases not backed up by
this fallback.
The text was updated successfully, but these errors were encountered: