-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 André,
On 11/29/2009 2:00 PM, Warnier wrote: > But is is interesting to see how in the end, a document such as RFC2616 > which is meant to "specify" a relatively strict set of rules, and of > which I am sure the phrasing is examined carefully and repeatedly (it > being after all a revision of an earlier document on the same topic), > still leaves areas open to interpretation, or downright inconsistent. Agreed. In certain circumstances, I believe Apache httpd to be (somewhat?) non-spec-compliant. For instance, Apache httpd chokes on URIs like: http://host/path/to/resource;parameter=value httpd believes that, contrary to the HTTP spec, the ";" is a part of the resource and not a separator between the resource locator and a parameter to that resource. This is the reason we have hacks like mod_rewrite and mod_jk's JkStripSession setting to allow httpd to work properly with URIs containing ";jsessionid=...". The section of the spec in this case is "RFC 2396: Generic URI Syntax" (http://www.ietf.org/rfc/rfc2396.txt), section 3.3: " The path may consist of a sequence of path segments separated by a single slash "/" character. Within a path segment, the characters "/", ";", "=", and "?" are reserved. Each path segment may include a sequence of parameters, indicated by the semicolon ";" character. The parameters are not significant to the parsing of relative references. " Unfortunately, there is wiggle-room, here: what does a "path segment parameter" mean? Apache httpd has chosen to interpret path segment parameters as part of a resource's physical path on a filesystem: https://issues.apache.org/bugzilla/show_bug.cgi?id=42860 - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksULAEACgkQ9CaO5/Lv0PDfwQCgnioa6Rc32LP90TIfQUPfz6ZR dPcAniwmKBVu+irtyGk4aDQplj7/LuzX =W2o5 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
