Bug 235709
| Summary: | [URL] Split forbidden host/domain code points, and add all C0 controls and add U+007F to the latter | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Karl <razielim> |
| Component: | New Bugs | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | Normal | CC: | achristensen, annevk, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Karl
Spec update: Domains may not contain C0 controls or U+007F DELETE. Opaque hostnames remain changed.
See: https://github.com/whatwg/url/pull/685
WebKit already blocks these code-points in domains (since https://bugs.webkit.org/show_bug.cgi?id=232034 ), but it should be relaxed for opaque hostnames pending further discussion.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Karl
Apologies for the typo: "Opaque hostnames remain changed." should be "Opaque hostnames remain **un**changed." 🤦♂️
Alex Christensen
I'm not sure I agree that opaque hostnames should remain unchanged. I think the case for the character sets to be the same for both types of hosts is compelling. I haven't seen any compatibility issues from this change. I think this is a bridge we will have to cross when Chrome and/or Firefox change to make opaque hostnames a thing in their implementations.
Radar WebKit Bug Importer
<rdar://problem/88431669>
Anne van Kesteren
*** This bug has been marked as a duplicate of bug 257213 ***