On 19/11/2019 23:25, David Lloyd wrote:
> :
> OK, having read the updated specification (thanks Alan!) I'm now quite
> curious why `/C:/helloworld.jar` is considered invalid. It is in fact
> a valid relative URL (colons are allowed in path segments, and the
> leading `/` unambiguously delineates the URL path), and thus it seems
> that it should be considered valid.
This is an awkward area as the parsing here is very security sensitive.
The current implementation is deliberately limited to make it easy to
audit. It was a deliberate decision to disallow relative URLs that
encode a Windows file path containing a drive letter. You can of course
use an absolute file URL here and I would expect
"file:/C:/helloworld.jar" to work. The spec was relaxed to allow
absolute file URLs for cases like this. I'm not opposed to expanding the
parsing to allow for more cases but a detailed security review will be
needed on all changes in this area.
-Alan
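
The distinction discussed in this message, as an added illustration that is not part of the original e-mail and is not the JDK's parsing code: a small checker that accepts ordinary relative URLs and absolute `file:` URLs and rejects relative forms carrying a Windows drive letter. The class name, verdict names and the drive-letter pattern are assumptions made for this sketch.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.regex.Pattern;

// Added illustration; hypothetical names, not the JDK implementation.
public class ClassPathEntryCheck {
    // Path that starts with an optional "/" followed by a drive letter and ":".
    private static final Pattern DRIVE = Pattern.compile("^/?[A-Za-z]:.*");

    enum Verdict { ALLOW_ABSOLUTE_FILE_URL, ALLOW_RELATIVE_URL, REJECT_DRIVE_LETTER, NOT_HANDLED }

    static Verdict classify(String entry) {
        URI u;
        try {
            u = new URI(entry);
        } catch (URISyntaxException e) {
            return Verdict.NOT_HANDLED;
        }
        String scheme = u.getScheme();
        if (scheme == null) {
            // Relative URL: "/C:/helloworld.jar" is syntactically valid here,
            // but its path encodes a Windows drive letter.
            String path = u.getPath();
            if (path == null || path.isEmpty()) {
                return Verdict.NOT_HANDLED;
            }
            return DRIVE.matcher(path).matches()
                    ? Verdict.REJECT_DRIVE_LETTER
                    : Verdict.ALLOW_RELATIVE_URL;
        }
        // "C:/helloworld.jar" parses as a URI whose scheme is "C".
        if (scheme.length() == 1) {
            return Verdict.REJECT_DRIVE_LETTER;
        }
        if (scheme.equalsIgnoreCase("file")) {
            return Verdict.ALLOW_ABSOLUTE_FILE_URL;
        }
        // Other schemes are outside what this sketch covers.
        return Verdict.NOT_HANDLED;
    }

    public static void main(String[] args) {
        // Constructed sample entries.
        for (String e : List.of("lib/helloworld.jar", "/C:/helloworld.jar",
                                "C:/helloworld.jar", "file:/C:/helloworld.jar")) {
            System.out.println(e + " -> " + classify(e));
        }
    }
}
```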