Changeset 1041


Ignore:
Timestamp:
Oct 21, 2010, 5:01:52 AM (9 years ago)
Author:
julian.reschke@…
Message:

point out impl problems wrt to unescaping (not handling backslash in quoted string, misinterpreting %xx) (see #245)

Location:
draft-ietf-httpbis-content-disp/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis-content-disp/latest/draft-ietf-httpbis-content-disp.html

    r1025 r1041  
    3838cite {
    3939  font-style: normal;
     40}
     41div.note {
     42  margin-left: 2em;
    4043}
    4144dd {
     
    401404      <meta name="dct.creator" content="Reschke, J. F.">
    402405      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-content-disp-latest">
    403       <meta name="dct.issued" scheme="ISO8601" content="2010-10-05">
     406      <meta name="dct.issued" scheme="ISO8601" content="2010-10-21">
    404407      <meta name="dct.abstract" content="HTTP/1.1 defines the Content-Disposition response header field, but points out that it is not part of the HTTP/1.1 Standard. This specification takes over the definition and registration of Content-Disposition, as used in HTTP, and clarifies internationalization aspects.">
    405408      <meta name="description" content="HTTP/1.1 defines the Content-Disposition response header field, but points out that it is not part of the HTTP/1.1 Standard. This specification takes over the definition and registration of Content-Disposition, as used in HTTP, and clarifies internationalization aspects.">
     
    419422               <td class="left">Updates: <a href="http://tools.ietf.org/html/rfc2616">2616</a> (if approved)
    420423               </td>
    421                <td class="right">October 5, 2010</td>
     424               <td class="right">October 21, 2010</td>
    422425            </tr>
    423426            <tr>
     
    426429            </tr>
    427430            <tr>
    428                <td class="left">Expires: April 8, 2011</td>
     431               <td class="left">Expires: April 24, 2011</td>
    429432               <td class="right"></td>
    430433            </tr>
     
    455458         in progress”.
    456459      </p>
    457       <p>This Internet-Draft will expire on April 8, 2011.</p>
     460      <p>This Internet-Draft will expire on April 24, 2011.</p>
    458461      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
    459462      <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
     
    609612         </li>
    610613      </ul>
     614      <div class="note" id="rfc.section.3.3.p.6">
     615         <p> <b>Note:</b> Many user agents do not properly handle escape characters when using the quoted-string form. Furthermore, some user agents
     616            erroneously try to perform unescaping of "percent" escapes (see <a href="#alternatives.percent" title="Percent Encoding">Appendix&nbsp;C.2</a>), an thus might misinterpret filenames containing the percent character followed by two hex digits.
     617         </p>
     618      </div>
    611619      <h2 id="rfc.section.3.4"><a href="#rfc.section.3.4">3.4</a>&nbsp;<a id="disposition.parameter.extensions" href="#disposition.parameter.extensions">Disposition Parameter: Extensions</a></h2>
    612620      <p id="rfc.section.3.4.p.1">To enable future extensions, unknown parameters <em class="bcp14">SHOULD</em> be ignored (see also <a href="#RFC2183" id="rfc.xref.RFC2183.3"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field">[RFC2183]</cite></a>, <a href="http://tools.ietf.org/html/rfc2183#section-2.8">Section 2.8</a>).
     
    900908      <ul>
    901909         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/244">http://tools.ietf.org/wg/httpbis/trac/ticket/244</a>&gt;: "state that repeating parameters are invalid"
     910         </li>
     911         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/245">http://tools.ietf.org/wg/httpbis/trac/ticket/245</a>&gt;: "warn about %xx in filenames being misinterpreted"
    902912         </li>
    903913         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/246">http://tools.ietf.org/wg/httpbis/trac/ticket/246</a>&gt;: "mention control chars when talking about postprecessing the filename parameter"
  • draft-ietf-httpbis-content-disp/latest/draft-ietf-httpbis-content-disp.xml

    r1025 r1041  
    233233  </list>
    234234</t>
     235<x:note>
     236  <t>
     237    <x:h>Note:</x:h> Many user agents do not properly handle escape characters
     238    when using the quoted-string form. Furthermore, some user agents
     239    erroneously try to perform unescaping of "percent" escapes (see
     240    <xref target="alternatives.percent"/>), an thus might misinterpret filenames
     241    containing the percent character followed by two hex digits.
     242  </t>
     243</x:note>
    235244</section>
    236245
     
    840849    </t>
    841850    <t>
     851      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/245"/>:
     852      "warn about %xx in filenames being misinterpreted"
     853    </t>
     854    <t>
    842855      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/246"/>:
    843856      "mention control chars when talking about postprecessing the filename parameter"
Note: See TracChangeset for help on using the changeset viewer.