So there's 2 topics here, both about field values. 1. What does comma mean? 2. What does dquote mean?
If there is a comma present, and it's not within a DQUOTE pair, then that's the delimiter between field-values. So that means ... *Example 1:* X-Foo: apple, banana, pear Is a field of name "X-Foo", with 3 values: 1. apple 2. banana 3. pear This can also be represented across multiple headers of the same name. *Example 2:* X-Foo: apple X-Foo: banana X-Foo: pear Those 2 examples are equivalent field definitions. Those 3 values, as they are written, are considered "token" field values per spec. See https://tools.ietf.org/html/rfc7230#section-3.2.6 You can have a field value of either: 1. a token 2. quoted-string 3. comment The rules for "token" are ... token = 1*tchar tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA ; any VCHAR, except delimiters Also, it notes that delimiters are (DQUOTE and "(),/:;<=>?@[\]{}") The rules for "quoted-string" are ... quoted-string = DQUOTE *( qdtext / quoted-pair ) DQUOTE qdtext = HTAB / SP /%x21 / %x23-5B / %x5D-7E / obs-text obs-text = %x80-FF If we take these rules and apply it to your stated example strings ... *Your Example 1:* If-Match: "ab35ef1bc78", "5be73a9c523" This is a field of name "If-Match", with 2 quoted-string values. 1. ab35ef1bc78 2. 5be73a9c523 *Your Example 2:* If-Match: W/"ab35ef1bc78", W/"5be73a9c523" This is a field of name "If-Match". It has 2 values, both of which are in violation of the spec. Why? This is started to be parsed as a token, as it doesn't start with DQUOTE. This field-value has 3 forbidden delimiter characters, the "/" is invalid, and so are the DQUOTE characters. This example doesn't fit the definition for quoted-string either, as it doesn't start with DQUOTE. If your example was ... If-Match: "W/ab35ef1bc78", "W/5be73a9c523" Then you would satisfy the quoted-string rules. (as the "/" is %x2F and within the allowed qdtext definition). And the parsed definition would be .. Field with name "If-Match", with a value list 1. W/ab35ef1bc78 2. W/5be73a9c523 Joakim Erdfelt / [email protected] On Thu, Oct 29, 2020 at 2:21 PM Cantor, Scott <[email protected]> wrote: > On 10/29/20, 3:14 PM, "[email protected] on behalf of Nils > Kilden-Pedersen" <[email protected] on behalf of > [email protected]> wrote: > > > I disagree. The quotes are part of the value and are significant. > > I agree. > > I was curious about this and followed the thread because I make use of the > etags feature in the DefaultServlet. It seems to operate properly so far as > it goes, but that may be due to simply expecting and handling the fact that > the quotes are gone, or by not properly handling weak vs.strong comparison. > > But if something behind the server were looking at the header value, it > would be getting a corrupted value out to compare with its own copy of the > tag if it had produced it. > > -- Scott > > > _______________________________________________ > jetty-users mailing list > [email protected] > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users >
_______________________________________________ jetty-users mailing list [email protected] To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
