Project

General

Profile

Actions

Bug #10669

closed

Incorrect url parsing in 2.2.0

Added by sam.saffron (Sam Saffron) almost 10 years ago. Updated almost 10 years ago.

Status:
Rejected
Assignee:
-
Target version:
-
[ruby-core:67187]

Description

Ruby 2.2 is incorrectly treating invalid URLs as correct due to parser change.

Ruby 2.2.0

irb(main):001:0> require 'uri'
=> true
irb(main):002:0> URI.parse("http://hello.com()")
=> #<URI::HTTP http://hello.com()>
irb(main):003:0>

Ruby 2.1

require 'uri'
=> true
irb(main):002:0> URI.parse("http://hello.com()")
URI::InvalidURIError: the scheme http does not accept registry part: hello.com() (or bad hostname?)
	from /home/sam/.rbenv/versions/2.1.2.discourse/lib/ruby/2.1.0/uri/generic.rb:214:in `initialize'
	from /home/sam/.rbenv/versions/2.1.2.discourse/lib/ruby/2.1.0/uri/http.rb:84:in `initialize'
	from /home/sam/.rbenv/versions/2.1.2.discourse/lib/ruby/2.1.0/uri/common.rb:214:in `new'
	from /home/sam/.rbenv/versions/2.1.2.discourse/lib/ruby/2.1.0/uri/common.rb:214:in `parse'
	from /home/sam/.rbenv/versions/2.1.2.discourse/lib/ruby/2.1.0/uri/common.rb:747:in `parse'
	from (irb):2
	from /home/sam/.rbenv/versions/2.1.2.discourse/bin/irb:11:in `<main>'

This is a breaking change.

Updated by naruse (Yui NARUSE) almost 10 years ago

  • Status changed from Open to Rejected

RFC3986 reg-name allows "()".

Updated by sam.saffron (Sam Saffron) almost 10 years ago

I get that, but a trend is developing here that is concerning.

https://github.com/rack/rack/blob/ab172af1b63f0d8e91ce579dd2907c43b96cf82a/lib/rack/mock.rb#L82-L85

we have a workaround but it seems a bit odd as a default, is there a reason RFC3986 was picked as a default over RFC2396?

Updated by duerst (Martin Dürst) almost 10 years ago

we have a workaround but it seems a bit odd as a default, is there a reason RFC3986 was picked as a default over RFC2396?

RFC 3986 already is turning 10 years old (published January 2005) and has been an Internet Standard for that long. It obsoletes RFC 2396, which was published August 1998. So the right question here is "what reason would there be to pick RFC 2396 over RFC 3986 as the default?".

Actions

Also available in: Atom PDF

Like0
Like0Like0Like0