Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

> On Sep 14, 2016, at 6:28 AM, William A Rowe Jr wrote: > > On Tue, Sep 13, 2016 at 5:07 PM, Jacob Champion > wrote: > On 09/13/2016 12:25 PM, Jacob Champion wrote: > What is this? Is this the newest "there are a bunch of almost-right > implementations so let's make

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Sep 14, 2016 12:59 PM, "Ruediger Pluem" wrote: > > On 09/14/2016 07:17 PM, Jacob Champion wrote: > > > > I think that's bad from a documentation and usability standpoint. If WHATWG (hypothetically) decided to bless more > > exceptions to the RFC, would we follow suit with StrictURI? Is StrictUR

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On 09/14/2016 07:17 PM, Jacob Champion wrote: > On 09/14/2016 06:28 AM, William A Rowe Jr wrote: >> On Tue, Sep 13, 2016 at 5:07 PM, Jacob Champion > > wrote: >> >> (My goal in asking this question is not to stare and point and >> laugh, but more to figure out

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On 09/14/2016 06:28 AM, William A Rowe Jr wrote: On Tue, Sep 13, 2016 at 5:07 PM, Jacob Champion mailto:champio...@gmail.com>> wrote: (My goal in asking this question is not to stare and point and laugh, but more to figure out whether we are skating to where the puck is going. It wou

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Tue, Sep 13, 2016 at 5:07 PM, Jacob Champion wrote: > On 09/13/2016 12:25 PM, Jacob Champion wrote: > >> What is this? Is this the newest "there are a bunch of almost-right >> implementations so let's make yet another standard in the hopes that it >> won't make things worse"? Does anyone know

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On 09/13/2016 12:25 PM, Jacob Champion wrote: What is this? Is this the newest "there are a bunch of almost-right implementations so let's make yet another standard in the hopes that it won't make things worse"? Does anyone know the history behind this spec? (My goal in asking this question is

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On 09/13/2016 08:55 AM, William A Rowe Jr wrote: On Mon, Sep 12, 2016 at 9:19 PM, Eric Covener mailto:cove...@gmail.com>> wrote: For others who might hit a maze of closed/duped bug reports this one is active this year: https://bugzilla.mozilla.org/show_bug.cgi?id=1064700

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On 09/13/2016 08:02 PM, William A Rowe Jr wrote: > On Tue, Sep 13, 2016 at 10:55 AM, William A Rowe Jr > wrote: > > On Mon, Sep 12, 2016 at 9:19 PM, Eric Covener > wrote: > > > For others who might hit a maze of closed/duped b

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Tue, Sep 13, 2016 at 10:55 AM, William A Rowe Jr wrote: > On Mon, Sep 12, 2016 at 9:19 PM, Eric Covener wrote: > >> >> For others who might hit a maze of closed/duped bug reports this one >> is active this year: >> https://bugzilla.mozilla.org/show_bug.cgi?id=1064700 >> > > Makes for some dis

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Mon, Sep 12, 2016 at 9:19 PM, Eric Covener wrote: > On Mon, Sep 12, 2016 at 5:38 PM, William A Rowe Jr > wrote: > > It really seems that if a major client is not handling "|" correctly, we > > need to carve out an exception, > > +1 to allow it. > > For others who might hit a maze of closed/du

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Sep 13, 2016 3:36 AM, "Yann Ylavic" wrote: > > On Tue, Sep 13, 2016 at 10:10 AM, Ruediger Pluem wrote: > > > > > > On 09/13/2016 04:19 AM, Eric Covener wrote: > >> On Mon, Sep 12, 2016 at 5:38 PM, William A Rowe Jr wrote: > >>> It really seems that if a major client is not handling "|" correc

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Tue, Sep 13, 2016 at 10:10 AM, Ruediger Pluem wrote: > > > On 09/13/2016 04:19 AM, Eric Covener wrote: >> On Mon, Sep 12, 2016 at 5:38 PM, William A Rowe Jr >> wrote: >>> It really seems that if a major client is not handling "|" correctly, we >>> need to carve out an exception, >> >> +1 to a

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On 09/13/2016 04:19 AM, Eric Covener wrote: > On Mon, Sep 12, 2016 at 5:38 PM, William A Rowe Jr > wrote: >> It really seems that if a major client is not handling "|" correctly, we >> need to carve out an exception, > > +1 to allow it. > > For others who might hit a maze of closed/duped bug

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Mon, Sep 12, 2016 at 5:38 PM, William A Rowe Jr wrote: > It really seems that if a major client is not handling "|" correctly, we > need to carve out an exception, +1 to allow it. For others who might hit a maze of closed/duped bug reports this one is active this year: https://bugzilla.mozill

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Mon, Sep 12, 2016 at 3:06 PM, William A Rowe Jr wrote: > On Mon, Sep 12, 2016 at 10:49 AM, William A Rowe Jr > wrote: > >> On Mon, Aug 29, 2016 at 1:04 PM, Ruediger Pluem >> wrote: >> >>> >>> On 08/29/2016 06:25 PM, William A Rowe Jr wrote: >>> > Thanks all for the feedback. Status and follo

Re: StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Mon, Sep 12, 2016 at 10:49 AM, William A Rowe Jr wrote: > On Mon, Aug 29, 2016 at 1:04 PM, Ruediger Pluem wrote: > >> >> On 08/29/2016 06:25 PM, William A Rowe Jr wrote: >> > Thanks all for the feedback. Status and follow-up questions inline >> > >> > On Thu, Aug 25, 2016 at 10:02 PM, William

StrictURI in the wild [Was: Backporting HttpProtocolOptions survey]

On Mon, Aug 29, 2016 at 1:04 PM, Ruediger Pluem wrote: > > On 08/29/2016 06:25 PM, William A Rowe Jr wrote: > > Thanks all for the feedback. Status and follow-up questions inline > > > > On Thu, Aug 25, 2016 at 10:02 PM, William A Rowe Jr > wrote: > > > > 4. Shoul

Re: Backporting HttpProtocolOptions survey

On Mon, Aug 29, 2016 at 1:04 PM, Ruediger Pluem wrote: > > On 08/29/2016 06:25 PM, William A Rowe Jr wrote: > > Thanks all for the feedback. Status and follow-up questions inline > > > > On Thu, Aug 25, 2016 at 10:02 PM, William A Rowe Jr > wrote: > > > > A couple

Re: Backporting HttpProtocolOptions survey

On 08/29/2016 06:25 PM, William A Rowe Jr wrote: > Thanks all for the feedback. Status and follow-up questions inline > > On Thu, Aug 25, 2016 at 10:02 PM, William A Rowe Jr > wrote: > > A couple key questions now that the full refactoring of legacy vs. strict

Re: Backporting HttpProtocolOptions survey

Thanks all for the feedback. Status and follow-up questions inline On Thu, Aug 25, 2016 at 10:02 PM, William A Rowe Jr wrote: > A couple key questions now that the full refactoring of legacy vs. strict > is mostly complete (there remain potential issues with some of the 3-4 yr > old changes on t

Re: Backporting HttpProtocolOptions survey

+1 > On Aug 26, 2016, at 7:10 AM, Ruediger Pluem wrote: > > > Debug > > We should ban it unequivocally. > > Only a single toggle. > > Default should be strict. >

Re: Backporting HttpProtocolOptions survey

On Fri, Aug 26, 2016 at 2:02 PM, Eric Covener wrote: > On Fri, Aug 26, 2016 at 7:10 AM, Ruediger Pluem wrote: >> >> >> On 08/26/2016 05:02 AM, William A Rowe Jr wrote: >>> A couple key questions now that the full refactoring of legacy vs. strict >>> is mostly complete (there remain potential >>>

Re: Backporting HttpProtocolOptions survey

On 08/25/2016 08:02 PM, William A Rowe Jr wrote: A couple key questions now that the full refactoring of legacy vs. strict is mostly complete (there remain potential issues with some of the 3-4 yr old changes on trunk which I'll raise in other posts.) But speaking only to the request line and req

Re: Backporting HttpProtocolOptions survey

On Aug 25, 2016 22:02, "William A Rowe Jr" wrote: > 3. Do we need multiple layers of 'Strict'ness, or should there be a single toggle, or no toggle, no tolerant input at all in the next 2.2/2.4 releases? My thoughts on three toggles ran like this... Unsafe allows things httpd has offered which

Re: Backporting HttpProtocolOptions survey

On Fri, Aug 26, 2016 at 7:10 AM, Ruediger Pluem wrote: > > > On 08/26/2016 05:02 AM, William A Rowe Jr wrote: >> A couple key questions now that the full refactoring of legacy vs. strict is >> mostly complete (there remain potential >> issues with some of the 3-4 yr old changes on trunk which I'l

Re: Backporting HttpProtocolOptions survey

On 08/26/2016 05:02 AM, William A Rowe Jr wrote: > A couple key questions now that the full refactoring of legacy vs. strict is > mostly complete (there remain potential > issues with some of the 3-4 yr old changes on trunk which I'll raise in other > posts.) But speaking only to the request >

Backporting HttpProtocolOptions survey

A couple key questions now that the full refactoring of legacy vs. strict is mostly complete (there remain potential issues with some of the 3-4 yr old changes on trunk which I'll raise in other posts.) But speaking only to the request line and request header parsing... 1. Does it make sense to em