.sOn Mon, Jul 1, 2013 at 10:58 AM, Benjamin Smedberg
<benja...@smedbergs.us> wrote:
>> Idempotent: Currently Gecko's parser and the URL Standard's parser are
>> not idempotent. E.g. http://@/mozilla.org/ becomes
>> http:///mozilla.org/ which when parsed becomes http://mozilla.org/
>> which is somewhat bad for security. My plan is to change the URL
>> Standard to fail parsing empty host names. I'll have to research if
>> there's other cases that are not idempotent.
>
> I don't actually know what this means. Are you saying that
> "http://@/mozilla.org/"; sometimes resolves to one URI and sometimes another?
function makeURI(str) ioSvc.newURI(str, null, null)
makeURI("http://@/mozilla.org/";).spec -> http:///mozilla.org/
makeURI("http:///mozilla.org/";).spec -> http://mozilla.org/
In other words,
makeURI(makeURI(str).spec).spec does not always return "str".
Gavin
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
