* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Changeset 1041


Ignore:
Timestamp:
2010-10-21 05:01:52 (4 years ago)
Author:
julian.reschke@gmx.de
Message:

point out impl problems wrt to unescaping (not handling backslash in quoted string, misinterpreting %xx) (see #245)

Location:
draft-ietf-httpbis-content-disp/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis-content-disp/latest/draft-ietf-httpbis-content-disp.html

    r1025 r1041  
    3838cite { 
    3939  font-style: normal; 
     40} 
     41div.note { 
     42  margin-left: 2em; 
    4043} 
    4144dd { 
     
    401404      <meta name="dct.creator" content="Reschke, J. F."> 
    402405      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-content-disp-latest"> 
    403       <meta name="dct.issued" scheme="ISO8601" content="2010-10-05"> 
     406      <meta name="dct.issued" scheme="ISO8601" content="2010-10-21"> 
    404407      <meta name="dct.abstract" content="HTTP/1.1 defines the Content-Disposition response header field, but points out that it is not part of the HTTP/1.1 Standard. This specification takes over the definition and registration of Content-Disposition, as used in HTTP, and clarifies internationalization aspects."> 
    405408      <meta name="description" content="HTTP/1.1 defines the Content-Disposition response header field, but points out that it is not part of the HTTP/1.1 Standard. This specification takes over the definition and registration of Content-Disposition, as used in HTTP, and clarifies internationalization aspects."> 
     
    419422               <td class="left">Updates: <a href="http://tools.ietf.org/html/rfc2616">2616</a> (if approved) 
    420423               </td> 
    421                <td class="right">October 5, 2010</td> 
     424               <td class="right">October 21, 2010</td> 
    422425            </tr> 
    423426            <tr> 
     
    426429            </tr> 
    427430            <tr> 
    428                <td class="left">Expires: April 8, 2011</td> 
     431               <td class="left">Expires: April 24, 2011</td> 
    429432               <td class="right"></td> 
    430433            </tr> 
     
    455458         in progress”. 
    456459      </p> 
    457       <p>This Internet-Draft will expire on April 8, 2011.</p> 
     460      <p>This Internet-Draft will expire on April 24, 2011.</p> 
    458461      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 
    459462      <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p> 
     
    609612         </li> 
    610613      </ul> 
     614      <div class="note" id="rfc.section.3.3.p.6">  
     615         <p> <b>Note:</b> Many user agents do not properly handle escape characters when using the quoted-string form. Furthermore, some user agents 
     616            erroneously try to perform unescaping of "percent" escapes (see <a href="#alternatives.percent" title="Percent Encoding">Appendix&nbsp;C.2</a>), an thus might misinterpret filenames containing the percent character followed by two hex digits. 
     617         </p>  
     618      </div> 
    611619      <h2 id="rfc.section.3.4"><a href="#rfc.section.3.4">3.4</a>&nbsp;<a id="disposition.parameter.extensions" href="#disposition.parameter.extensions">Disposition Parameter: Extensions</a></h2> 
    612620      <p id="rfc.section.3.4.p.1">To enable future extensions, unknown parameters <em class="bcp14">SHOULD</em> be ignored (see also <a href="#RFC2183" id="rfc.xref.RFC2183.3"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field">[RFC2183]</cite></a>, <a href="http://tools.ietf.org/html/rfc2183#section-2.8">Section 2.8</a>). 
     
    900908      <ul> 
    901909         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/244">http://tools.ietf.org/wg/httpbis/trac/ticket/244</a>&gt;: "state that repeating parameters are invalid" 
     910         </li> 
     911         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/245">http://tools.ietf.org/wg/httpbis/trac/ticket/245</a>&gt;: "warn about %xx in filenames being misinterpreted" 
    902912         </li> 
    903913         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/246">http://tools.ietf.org/wg/httpbis/trac/ticket/246</a>&gt;: "mention control chars when talking about postprecessing the filename parameter" 
  • draft-ietf-httpbis-content-disp/latest/draft-ietf-httpbis-content-disp.xml

    r1025 r1041  
    233233  </list> 
    234234</t> 
     235<x:note> 
     236  <t> 
     237    <x:h>Note:</x:h> Many user agents do not properly handle escape characters 
     238    when using the quoted-string form. Furthermore, some user agents 
     239    erroneously try to perform unescaping of "percent" escapes (see 
     240    <xref target="alternatives.percent"/>), an thus might misinterpret filenames 
     241    containing the percent character followed by two hex digits. 
     242  </t> 
     243</x:note> 
    235244</section> 
    236245 
     
    840849    </t> 
    841850    <t> 
     851      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/245"/>: 
     852      "warn about %xx in filenames being misinterpreted" 
     853    </t> 
     854    <t> 
    842855      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/246"/>: 
    843856      "mention control chars when talking about postprecessing the filename parameter" 
Note: See TracChangeset for help on using the changeset viewer.