You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by st...@cygnite.com on 2004/04/01 19:05:59 UTC
Re: URL validation
> The way I read http://www.faqs.org/rfcs/rfc2396.html
> section 3.3
>
> I don't believe the path segment can legally end with a '/'.
> Read the RFC and see what you think.
>
> So I don't believe http://www.google.com:80/?action=xyz
> strictly speaking is valid, should we optionally allow for it
> probably.
>
> http://www.google.com:80?action would be valid
> http://www.google.com:80/path?action would be valid
>
>
Two points of note to my mind:
Quoting Section 3.2 of RFC:
The authority component is preceded by a double slash "//" and is
terminated by the next slash "/", question-mark "?", or by the end of
the URI.
There's nothing wrong with the server name (ie. authority) being
terminated with a slash as in
http://www.google.com:80/?action=xyz
since this merely translates as having no path component in the URI,
rather than the path being "/" or is the path intended to start with the
"/"?
In any event, section B, starts with some examples, including:
http://www.ics.uci.edu/pub/ietf/uri/#Related
which is very similar to path/?xxxx and implies that the path component
can indeed end with a "/" and I _believe_ but haven't actually tested that
the regular expression a few lines above:
^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?
would pull out the relevant items from the URL of the form:
http://www.google.com:80/path/?action
and section C1 contains a list of "Normal Examples", one of which is:
?y = http://a/b/c/?y
I think that the URLs discussed would therefore be valid.
Steve.