Internet Explorer URL Display problem

Chris Yuzik chris at fractalweb.com
Fri Dec 12 17:09:19 GMT 2003


On Fri, 2003-12-12 at 03:47, Randal, Phil wrote:
> RFC 2396 (http://www.faqs.org/rfcs/rfc2396.html) generalises URIs.

I only skimmed the spec. But what I gathered, unless I completely
misunderstood the document is that characters from %00 through %1F
inclusive and %7F are control characters and shouldn't be in a URI.

   Although they are disallowed within the URI syntax, we include here a
   description of those US-ASCII characters that have been excluded and
   the reasons for their exclusion.

   The control characters in the US-ASCII coded character set are not
   used within a URI, both because they are non-printable and because
   they are likely to be misinterpreted by some control mechanisms.

   control     = <US-ASCII coded characters 00-1F and 7F hexadecimal>

So how much trouble would we cause if we just disallowed the entire
range of control characters from URIs? Can anyone think of a real website
that legitimately uses any of these control codes within their URIs? I'm
particularly concerned about shopping sites with their massive URIs.

I still think I would rather have MailScanner do the checking for this
so we can notify the recipient properly, rather than just marking
the message as high spam and/or deleting the message altogether. Perhaps
we could even have MailScanner remove the link code altogether but still
deliver the rest of the message.

Thoughts?

Chris



More information about the MailScanner mailing list