[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Escaping in URIs (Was: draft-ietf-ldapbis-filter-03.txt)
Steven Legg writes:
> The string representation of LDAP search filters is used in LDAP URLs.
> LDAP URLs are present in Referrals in components of type LDAPString.
> LDAPString is required to contain UTF-8 encoded characters.
> If octets in the range 0x80 to 0xff in arbitrary octet data in assertion
> values are not escaped then they could potentially represent invalid
> UTF-8 encodings. Escaping octets > 0x7f means that the filter string
> is ASCII and therefore also valid UTF-8.
Good point. For the LDAPURL draft, that is:-)
I think last paragraph of [LDAPURL] section 5 covers it, but maybe it
wouldn't hurt to end that pargaraph with something like "Thus, a
generated LDAP URL MUST be an IA5 string, though implementations SHOULD
be prepared to accept other valid UTF-8 strings.".
There is a bug in that paragraph, BTW:
> Note that characters that are not safe (e.g., spaces) (as defined in
> section 2.1 of [RFC2396]), (...)
RFC2396 doesn't define "safe", and section 2.1 certainly doesn't - that
is about characters vs. octets. I think it should be something like:
Note that characters that are not an "uric" character, as defined
in {Appendix A or section 2} of [RFC2396], (...)
--
Hallvard