Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Should we use less strict uri parsing? #19

Closed
daurnimator opened this issue Apr 4, 2016 · 4 comments
Closed

Should we use less strict uri parsing? #19

daurnimator opened this issue Apr 4, 2016 · 4 comments
Labels
question

Comments

@daurnimator
Copy link
Owner

At the moment url parsing is strict: it doesn't allow forbidden characters like {.

Should things like request.new_from_uri normalise to the encoded form?

References
@RyanSquared
Copy link
Contributor

Perhaps add either a strict boolean argument or add an escape_uri(uri) function, would be what I suggest. (Is there a URI module? If so, you could put escape_uri in there).

@daurnimator
Copy link
Owner Author

daurnimator commented Apr 18, 2016
edited
Loading

Perhaps add either a strict boolean argument

To what? There are many functions that take uris, and it will be a pain to add an extra parameter to all of them...

add an escape_uri(uri) function, would be what I suggest.

There are many ways to escape a URI depending on which piece of the URI you're talking about.

Is there a URI module? If so, you could put escape_uri in there

lua-http uses lpeg_patterns.uri for uri parsing.
The http.util module has a few various functions.

I'm actually tempted to close this issue. I think being strict about URIs is probably the better path here. Various encodings and pieces of software rely on invalid uri characters to work well. e.g.

  • curl uses square brackets for globbing unless you pass -g
  • in markdown, you surround links with parenthesis (and hence links can't contain a close parenthesis)
  • URI Templates

The biggest exception seems to be browsers, where anything starting with a scheme seems to get thrown through a uri escaping process. That hasn't been great for everyone either (see https://bugzilla.mozilla.org/show_bug.cgi?id=473822 ).

I originally created this issue when I was working with postgrest's foreign entitys syntax and wanted to copy/paste from docs to lua-http; but now I don't think it's worth it.

@daurnimator
Copy link
Owner Author

More related links:

@daurnimator
Copy link
Owner Author

Another link: https://tools.ietf.org/html/draft-ruby-url-problem-01

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@daurnimator @RyanSquared