2008/9/25 Brian Smith <[EMAIL PROTECTED]>: > > Graham Dumpleton wrote: >> 2008/9/19 Brian Smith <[EMAIL PROTECTED]>: >> > I think there is also the problem that you cannot know >> > where to parse things using the quoted-string production >> > and where you can parse things using the TEXT production >> > (which allows unmatched quoted strings), unless you know >> > beforehand the BNF for the specific header field you are >> > trying to parse. >> >> But given WSGI closeness to CGI, wouldn't the statement in >> CGI specification RFC3875: >> >> Note that each header field in >> a CGI-Response MUST be specified on a single line; CGI/1.1 does not >> support continuation lines. >> >> effectively take precedence over that. >> >> I think this is the only way one could have it if one wants >> WSGI to be portable to CGI as a hosting mechanism. > > I agree that continuations should not be allowed in WSGI. But, escaped > newlines are different from continuations: > > > Continuation: Blah<CR><LF> asdfasdfadsf > Malformed-Continuation: Blah<CR><LF>asdfasdfasdf > Quoted-Newline: "foo\<LF>" > Quoted-Newline-or-Error: (maybe this is a comment, \<LF>maybe not) > > The last case is definitely ambiguous without knowing the grammar of the > header. However, comments are so rare (except for User-Agent) that you could > get by with assuming that there are no quoted newlines in comments. However, > you still have to watch out for quoted newlines in quoted-string. But, I > re-read RFC 2616 and it seems like it intends for a double quote to always > start a quoted-string, regardless of the grammar of the header field in > which it appears. So, things are not as tricky as I had suspected.
Ignore what it says about continuations, read it as two separate statements. The first part says: Note that each header field in a CGI-Response MUST be specified on a single line; Using a newline in a quote string would seem to violate that if one interprets it in the simple sense of a single line is anything up to a newline character, ignoring any escaping. As reference I always look at what Apache does, and Apache for CGI does not support a newline character anywhere in value, whether it be escaped or not. Thus, you may want to try and support it, but it isn't going to be portable and would break for CGI and SCGI just to start with. Graham --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to modwsgi@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en -~----------~----~----~----~------~----~------~--~---
