-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue #18 URI path processing #424
Conversation
Issue #18 URI path processing. Moved the wiki text to a PR for better comment and suggestions.
moved TODOs to PR comments
Define URI transport as description list with HTTP/1.0 and HTTP/3 included.
Move all rejections to the last step.
UTF-8 decoding
Added example table. too long and needs review
Issue #225 doHead fixes: + fixed reset handling in `NoBodyResponse` and `NoBodyOutputStream` + better implementation of async IO methods in `NoBodyOutputStream` + replaced `doHead` implementation with direct call of `doGet` and legacy nobody mode. + added unit tests. Signed-off-by: Greg Wilkins <[email protected]>
Looks like the PR is a bit messed up, it has the head content length stuff in it now. |
lots of format cleanups
@stuartwdouglas DOH! I did a merge from master and my git-foo must have messed up. Let me see if I can fix.... |
Some thoughts on Section 9.1.1 discusses passing a path with a query string to a My current thinking is that the same canonicalization process as we are defining here is applied to the path passed to the |
Updated test with expected results that are authored (rather than generated). Test expected to fail at this stage until we fix trailing '/' handling.
I'm currently running the example URIs through Tomcat's current default URI canonicalization process. As expected, I've found a few differences. There aren't any show-stoppers but I do have one quick question. Since user agents fragments are only processed by the user agent (RFC 3986, section 3.5, 5th paragraph) "...the fragment itself is dereferenced solely by the user agent..." do we want to add URIs with fragments to the list of 'suspicious' URIs? |
@markt-asf I think fragments in the server are indeed suspicious. I'm done for the day, so feel free to update the branch accordingly.... else I'll do it tomorrow. |
I've updated for PR for fragments being suspicious and re-encoding %2F. |
@markt-asf thanks for those updates.... they mostly look good. However, the text reads as:
which I think is correct, but that's not what we have currently implemented in the unit test. We are always re-encoding these characters, so a URI of Perhaps we should change the text to:
And then we can make the test encoding conditional on rejecting the %2F and add an example for |
I ran this algorithm past our unit tests. A few differences but only in things that I don't mind changing. |
I agree. I performed a similar test with Tomcat with similar results. The only thing I could see that was required was adding the canonicalization text to the other HttpServletReqiuest methods. I've just done that. I think this is good to merge. |
I'll wait for @stuartwdouglas to comment before merging. |
Issue #18 URI path processing. Moved the wiki text to a PR for better comment and suggestions.
I've kept the TODOs in for now. I will replace with PR comments and then remove.