review.tizen.org Git - platform/upstream/nodejs.git/commit

author	isaacs <i@izs.me>
	Mon, 3 Jun 2013 20:39:57 +0000 (13:39 -0700)
committer	isaacs <i@izs.me>
	Mon, 3 Jun 2013 22:56:16 +0000 (15:56 -0700)
commit	5dc51d4e215b658a0fefe9d5eebc22f80747cd0b
tree	893c9452f39bc0cfca34767922abccc36d6a6208	tree \| snapshot
parent	df6ffc018ef0d166486d1323412472b981ecb648	commit \| diff

url: Properly parse certain oddly formed urls

In cases where there are multiple @-chars in a url, Node currently
parses the hostname and auth sections differently than web browsers.

This part of the bug is serious, and should be landed in v0.10, and
also ported to v0.8, and releases made as soon as possible.

The less serious issue is that there are many other sorts of malformed
urls which Node either accepts when it should reject, or interprets
differently than web browsers. For example, `http://a.com*foo` is
interpreted by Node like `http://a.com/*foo` when web browsers treat
this as `http://a.com%3Bfoo/`.

In general, *only* the `hostEndingChars` should be the characters that
delimit the host portion of the URL. Most of the current `nonHostChars`
that appear in the hostname should be escaped, but some of them (such as
`;` and `%` when it does not introduce a hex pair) should raise an
error.

We need to have a broader discussion about whether it's best to throw in
these cases, and potentially break extant programs, or return an object
that has every field set to `null` so that any attempt to read the
hostname/auth/etc. will appear to be empty.

lib/url.js		diff \| blob \| history
test/simple/test-url.js		diff \| blob \| history