13 messages in org.oasis-open.lists.xri-editorsRE: [xri-editors] Xref escaping rules| From | Sent On | Attachments |
|---|---|---|
| Wachob, Gabe | Jun 30, 2003 9:03 am | |
| Dave McAlpin | Jun 30, 2003 9:51 am | |
| Drummond Reed | Jun 30, 2003 11:29 am | |
| Wachob, Gabe | Jun 30, 2003 11:49 am | |
| Dave McAlpin | Jun 30, 2003 12:32 pm | |
| Wachob, Gabe | Jun 30, 2003 1:19 pm | |
| Dave McAlpin | Jun 30, 2003 1:25 pm | |
| Drummond Reed | Jun 30, 2003 2:13 pm | |
| Dave McAlpin | Jun 30, 2003 3:43 pm | |
| Wachob, Gabe | Jun 30, 2003 3:45 pm | |
| Drummond Reed | Jun 30, 2003 6:40 pm | |
| Dave McAlpin | Jun 30, 2003 7:19 pm | |
| Dave McAlpin | Jul 2, 2003 11:47 am |
| Subject: | RE: [xri-editors] Xref escaping rules | |
|---|---|---|
| From: | Drummond Reed (drum...@onename.com) | |
| Date: | Jun 30, 2003 6:40:52 pm | |
| List: | org.oasis-open.lists.xri-editors | |
Dave, I agree, very nice, very clear. One question: is escaping the % sign itself necessary on each pass? In other words, if a native URI already contains an escape sequence, such as %3F, does it need to be re-escaped each time it is enclosed as a cross-reference (potentially multiple times)?
I suspect the answer is yes because this is how the algorithm stays clean and simple (like your logic). If so, just nod your head.
=Drummond
-----Original Message----- From: Wachob, Gabe [mailto:gwac...@visa.com] Sent: Monday, June 30, 2003 4:01 PM To: 'Dave McAlpin'; Drummond Reed; Wachob, Gabe; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
That sounds great Dave, after a quick reading. Captures my thinking and seems good to me.
+1000
-Gabe
-----Original Message----- From: Dave McAlpin [mailto:dave...@epokinc.com] Sent: Monday, June 30, 2003 3:59 PM To: 'Drummond Reed'; 'Wachob, Gabe'; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
Here's the proposed text around this issue if you're interested.
XRIs MUST use escaped encoding as described in [RFC2396]. XRIs also have additional escaping rules described below.
XRIs can contain nested URIs as cross-references (see section [TODO]). These nested URIs can contain characters that, if unescaped, would cause misinterpretation when parsing the enclosing XRI. Consider the following XRI.
xri:@example/(http://www.example.com?id=1)
The generic parsing algorithm described in [RFC2396] would separate the above XRI into the following components
scheme = xri authority = <undefined> path = @example/(http://www.example.com? query = id=1)
The desired separation is
scheme = xri authority = <undefined> path = @example/(http://www.example.com?id=1) query = <undefined>
To avoid this type of misinterpretation, a URI (including an XRI) must be escaped before it can be used as a cross-reference. In particular, it MUST be converted such that the percent "%" character is escaped as "%25", the question mark "?" character is escaped as "%3F" and the pound sign "#" is escaped as "%28".
The example above, then, would be correctly expressed as
xri:@example/(http://www.example.com%3Fid=1)
Cross-references may be nested to any depth. The above rule is applied to each nesting level. For example, if the above XRI was used as a cross-reference, the percent sign "%" would be escaped to "%25".
xri:@example1/( xri:@example/(http://www.example.com%253Fid=1))
Furthermore, parentheses "(" and ")" MUST be escaped if they appear in a URI but do not delimit an XRI cross-reference. If an XRI cross-reference is embedded within an enclosing cross-reference, the parentheses delimiting the inner cross-reference MAY be escaped, but this is NOT RECOMMENDED because it complicates comparison. For example
xri:@example1/( xri:@example/(http://www.example.com%253Fid=1))
is preferred to
xri:@example1/( xri:@example/%28http://www.example.com%253Fid=1%29)
although both are legal and equivalent.
Before a URI may be used as a cross-reference, then, the following steps MUST be performed in order:
1. Escape all percent "%" characters as "%25". 2. Escape all parentheses "(" and ")" that do not delimit XRI cross-references as "%28" and "%29", respectively. 3. Escape all pound "#" characters as "%23". 4. Escape all question mark "?" characters as "%3F".
Note that the URI is assumed to be in an "escaped" form appropriate to its scheme before the above rules are applied.
Before a cross-reference is evaluated it MUST first be unescaped. If a cross-reference is contained in an enclosing cross-reference, the enclosing cross-reference MUST be unescaped before the inner cross-reference is evaluated and unescaped.
-----Original Message----- From: Drummond Reed [mailto:drum...@onename.com] Sent: Monday, June 30, 2003 2:30 PM To: Dave McAlpin; Wachob, Gabe; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
+2 (except that it's %28 not #28).
=Drummond
-----Original Message----- From: Dave McAlpin [mailto:dave...@epokinc.com] Sent: Monday, June 30, 2003 1:41 PM To: 'Wachob, Gabe'; Drummond Reed; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
Sorry, I misunderstood the question. I'm allowing both in the normative text and saying the second is preferred.
-----Original Message----- From: Wachob, Gabe [mailto:gwac...@visa.com] Sent: Monday, June 30, 2003 1:35 PM To: 'Dave McAlpin'; Wachob, Gabe; 'Drummond Reed'; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
Really?
So you'd prefer:
xri://foo.bar/(+Gabe/#28+stuff#29)
over
xri://foo.bar/(+Gabe/(+stuff))
I don't see a reason why we need to do escaping for the () on XRI values as cross references..
-Gabe
-----Original Message----- From: Dave McAlpin [mailto:dave...@epokinc.com] Sent: Monday, June 30, 2003 12:48 PM To: 'Wachob, Gabe'; 'Drummond Reed'; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
I think these rules apply to cross-references in general, both general URIs and XRIs.
-----Original Message----- From: Wachob, Gabe [mailto:gwac...@visa.com] Sent: Monday, June 30, 2003 12:05 PM To: 'Dave McAlpin'; Wachob, Gabe; 'Drummond Reed'; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
Dave- This seems straightforward and I don't know why it wasn't the first proposal on the table. I can't seem to figure out a problem with it, so +1 unless someone can discover an issue with it.
BTW, the way I read it is that this escaping is only neccesary for URIs as xrefs, not XRI values as xrefs...
-Gabe
-----Original Message----- From: Dave McAlpin [mailto:dave...@epokinc.com] Sent: Monday, June 30, 2003 10:08 AM To: 'Wachob, Gabe'; 'Drummond Reed'; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
I assumed we would escape iteratively, once for each level of nesting
1) Embed http://foo.com?id=21#bar in xri:@foo/baz as a cross-reference
a) Escape cross-reference to get http://foo.com%3Fid=21%23bar
b) Add as cross-reference xri:@foo/baz/(http://foo.com%3Fid=21%23bar)
When the cross-reference is extracted, it's unescaped to
http://foo.com?id=21#bar
2) Embed http://foo.com?id=21-%28widget#bar in xri:@foo/baz as a cross-refrence
a) Escape the cross-reference to get http://foo.com%3Fid=21-%2528widget%23bar
b) Append as cross-reference xri:@foo/baz/(http://foo.com%3Fid=21-%2528widget%23bar)
When the cross-reference is extracted, it's unescaped to
http://foo.com?id=21-%28widget#bar
3) A complex nested example. Embed http://foo.com?id=21-%28widget in xri:+foo.bar.<xref>, which is in turn embedded in xri://foo.bar/<xref>/baz
a) First escape the innermost cross-reference to get http://foo.com%3Fid=21-%2528widget
b) Add as cross-reference xri:+foo.bar.(http://foo.com%3Fid=21-%2528widget)
c) Escape the cross-reference to get xri:+foo.bar.(http://foo.com%253Fid=21-%252528widget)
d) Add as cross-reference xri://foo.bar/(xri:+foo.bar.(http://foo.com%253Fid=21-%252528w idget)))/baz
When the XRI is evaluated, the outermost cross-reference is extracted
xri:+foo.bar.(http://foo.com%253Fid=21-%252528widget))
And unescaped to give
xri:+foo.bar.(http://foo.com%3Fid=21-%2528widget))
The next level cross-reference is extracted
http://foo.com%3Fid=21-%2528widget
and unescaped to give
http://foo.com?id=21-%28widget
Dave
-----Original Message----- From: Wachob, Gabe [mailto:gwac...@visa.com] Sent: Monday, June 30, 2003 9:19 AM To: 'Drummond Reed'; xri-...@lists.oasis-open.org Subject: RE: [xri-editors] Xref escaping rules
Drummond- This seems pretty reasonable.
Have you considered the case where you have two levels of cross referencing? That is, a cross reference which contains an XRI value that itself has a cross reference?
xri://foo.bar/(+foo.bar.(http://www.foo.com#3ffoo))/baz
vs
xri://foo.bar/(+foo.bar.(http://www.foo.com(#3f)foo))/baz
vs
xri://foo.bar/(+foo.bar.(http://www.foo.com((#3f))foo))/baz
I think you need to amend the rules about escaping/unescaping to account for nesting..
-Gabe
-----Original Message----- From: Drummond Reed [mailto:drum...@onename.com] Sent: Sunday, June 29, 2003 1:15 PM To: xri-...@lists.oasis-open.org Subject: [xri-editors] Xref escaping rules
Here's the escaping proposal that I brought up on the last TC call.
The issue is that an XRI or URI is used as a cross-reference may contain characters that must be escaped in order to conform with 2396. Specifically:
* "?" may not appear until the start of the one-and-only query segment allowed by 2396. * The same is true with "#" for fragments * Lastly, an UNMATCHED opening or closing paren must be escaped or else the cross-reference will not parse correctly. (Note that MATCHED opening and closing parens inside do not need escaping because they represent either a second-level nested cross-reference or a parenthetically enclosed string in a native URI but either way will not be ambiguous.)
However we can't use just 2396 escaping rules (i.e., "%xx" where xx is the hex value of the character) for these four characters because it if the embedded XRI or URI contained those same escape sequences natively, it would be ambiguous which to unescape and not to unescape when the cross-reference is extracted. For example, if a URI already contained the escape sequence %3F (the "?" character) before it was turned into a cross-reference, how would the parser know NOT to unescape it when extracting the cross-reference?
The proposed solution is to apply two special escaping rules to any URI/XRI string being embedded as a cross-reference. They must be applied in the following order:
1) Parse the string to find any instance of "%3F", "%23", "%28", or "%29" and enclose these in parens. Example: "(%3F)". 2) Escape any "?", "#", or UNMATCHED paren as per 2396 escaping. Example: a URI that contained a query would have the "?" turned into %3F.
To extract a cross-reference, apply the same two rules in reverse, i.e.:
1) From the extracted cross-reference, escape any instance of %3F, %23, %28, or %29 EXCEPT those enclosed in parens. 2) For any instance of "%3F", "%23", "%28", or "%29" enclosed in parens, remove the parens.
Example:
Embed: URI "http://foo.com/?id=21#bar" in XRI "xri:@foo/baz/" Result: "xri:@foo/baz/(http://foo.com/%3Fid=21%23bar)"
Embed: URI "http://foo.com/?id=21-%28widget#bar" in XRI "xri:@foo/baz/" Result: "xri:@foo/baz/(http://foo.com/%3Fid=21-(%28)widget%23bar)"
Does this work for everyone? Any other proposals?
=Drummond
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------