>> * Currently, many request handlers match very liberally. For >> example, any request that matches "/admin.*" will be handled by the >> admin module, including "/adminlskjdfkljsd". Is this intentional? If >> not, shouldn't this be fixed? > > Not intentional AFAIK, should be fixed.
Ok, I'll do that. >> * Many handlers allow a trailing /, for example "/newticket" and "/ >> newticket/". What is the reason for this? Noah has mentioned this >> being a convenience for people entering URLs that don't know what >> they are doing. Are there any other reasons? > > The problem here is that if you don't allow a trailing slash, you > should at least automatically redirect from e.g. /foo/ to /foo (most > of the web does this the other way around, but hey). I think some web servers give a slightly different meaning to each. /foo/ means "foo" is a directory, and /foo that "foo" is a "file". IIRC Apache does it that way. But in the era of dynamic web services, this doesn't make sense anymore, and /foo seems more natural. > So if we get more strict here, we need to add some kinda of slash- > stripping redirector thing. Ok. >> Opinions? Which rule should I follow? > > I very much prefer strict. The rule should be not to expose the same > resource/representation under multiple different URIs. So even if > there are valid convenience features such as allowing both /foo/ and / > foo, one needs to redirect (as in 301) to the other. This makes perfect sense. > One issue here is that changes in this space may break URIs out there > on the web (bookmarks, search indices, links etc). That's something we > need to be very careful about: we're not just "breaking" the Trac > site, but the sites of all the Trac users out there. :P Breaking invalid URLs like "/amdinlsdkjflkjsd" should not be a problem. Breaking e.g. "/timeline/bogus/postfix" might or might not be a problem, I don't know. The only breakage we really care about is bookmarks and links, as search indices tend to be rebuilt quite often. I'll try to do a search for links to Trac sites, and see if any invalid URLs pop up. Thanks for your comments. -- Remy
signature.asc
Description: OpenPGP digital signature
