Re: [RFC] [Discussion] Add WHATWG compliant URL parsing API

From: ignace nyamagana butera Date: Wed, 30 Apr 2025 07:58:02 +0000

Subject: Re: [RFC] [Discussion] Add WHATWG compliant URL parsing API

References: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 Groups: php.internals

Request: Send a blank email to [email protected] to get a copy of this message

Hi Máté and Tim

I read the following in the RFC

>Withers of Uri\WhatWg\Url follow the relevant “setter steps” that are
defined <https://url.spec.whatwg.org/#dom-url-protocol>
by WHATWG URL.
Unfortunately, these algorithms sometimes have surprising behavior where
modification fails silently, and the original values are kept. For
example. Even
though this RFC acknowledges the fact that the WHATWG URL “setter steps”
have gotchas, it doesn't try to prevent them - as doing so would be spec
-incompliant.

Reading the WHATWG URL specification and checking how

   - Chrome,
   - Firefox
   - and even https://github.com/TRowbotham/URL-Parser


behave I see that mutator either silently reject the invalid input on
setter or normalize them I was wondering if it still make sense to still
say that URL mutator can throws InvalldUrlException ? Since AFAIK only a
TypeError could actually be thrown if the wrong input is given, no
specially crafted string can make the spec throw unless I have overlooked
it.

On Tue, Apr 29, 2025 at 8:55 PM Tim Düsterhus <[email protected]> wrote:

> Hi
>
> On 4/29/25 10:54, ignace nyamagana butera wrote:
> > I have one last question while reviewing my polyfill implementation. Is
> it
> > worth it adding a SensitiveParameter attribute on the argument of the
> > following methods ?
> >
> > - Uri\Rfc3986\Uri::withUserInfo
> > - Uri\WhatWg\Url::withPassword
> >
> > I'm fine with any answer ? Does it warrant a paragraph in the RFC ? That
> I
> > do not know but I feel the question may be raised ?
>
> Good catch. Since they may throw an exception for malformed inputs, they
> should have the attribute. Especially since folks might try to use
> special characters in passwords, which might need encoding.
>
> No paragraph in the RFC needed, but the attribute should be added to the
> “stub”.
>
> Best regards
> Tim Düsterhus
>

Thread (152 messages)

Máté KocsisFri, 28 Jun 2024 20:06:14 +0000
Marco PivettaFri, 28 Jun 2024 20:21:33 +0000
LynnFri, 28 Jun 2024 21:02:08 +0000
Niels DosscheFri, 28 Jun 2024 21:35:36 +0000
BilgeFri, 28 Jun 2024 22:53:12 +0000
Stephen ReaySat, 29 Jun 2024 09:57:17 +0000
Rob LandersSat, 29 Jun 2024 10:33:16 +0000
ignace nyamagana buteraSun, 30 Jun 2024 06:51:52 +0000
Máté KocsisSun, 07 Jul 2024 09:13:58 +0000
Rob LandersSun, 07 Jul 2024 10:40:02 +0000
Rob LandersSun, 07 Jul 2024 10:59:45 +0000
ignace nyamagana buteraSun, 07 Jul 2024 10:55:18 +0000
Rob LandersSun, 07 Jul 2024 11:10:11 +0000
Nicolas GrekasMon, 08 Jul 2024 07:51:27 +0000
Máté KocsisMon, 15 Jul 2024 09:20:02 +0000
Larry GarfieldMon, 15 Jul 2024 13:23:10 +0000
Ignace Nyamagana ButeraMon, 15 Jul 2024 19:31:27 +0000
Máté KocsisSun, 30 Jun 2024 06:00:00 +0000
Larry GarfieldFri, 28 Jun 2024 22:14:19 +0000
Máté KocsisSat, 29 Jun 2024 22:42:06 +0000
Ben RamseyFri, 28 Jun 2024 23:28:36 +0000
nyamsprod the funky webmasterSat, 29 Jun 2024 08:20:11 +0000
Ben RamseySat, 29 Jun 2024 17:35:46 +0000
Juris EvertovskisSat, 29 Jun 2024 16:19:12 +0000
KrinkleSat, 29 Jun 2024 20:27:50 +0000
LanreMon, 08 Jul 2024 17:24:09 +0000
LanreFri, 19 Jul 2024 22:55:27 +0000
Niels DosscheSun, 21 Jul 2024 11:21:39 +0000
ignace nyamagana buteraTue, 23 Jul 2024 06:38:40 +0000
Máté KocsisMon, 26 Aug 2024 07:40:56 +0000
Dennis SnellMon, 26 Aug 2024 22:25:35 +0000
Máté KocsisTue, 19 Nov 2024 08:49:41 +0000
Dennis SnellFri, 03 Jan 2025 07:18:33 +0000
ignace nyamagana buteraMon, 13 Jan 2025 15:09:50 +0000
Máté KocsisSun, 16 Feb 2025 22:01:36 +0000
Tim DüsterhusFri, 21 Feb 2025 12:06:57 +0000
Tim DüsterhusSun, 23 Feb 2025 15:05:25 +0000
Juris EvertovskisSun, 23 Feb 2025 17:47:41 +0000RE: [PHP-DEV] [RFC] [Discussion] Add WHATWG compliant URL parsing API
Tim DüsterhusMon, 24 Feb 2025 09:15:57 +0000Re: [RFC] [Discussion] Add WHATWG compliant URL parsing API
Máté KocsisMon, 10 Mar 2025 22:58:16 +0000
Ignace Nyamagana ButeraMon, 24 Feb 2025 09:18:10 +0000
Tim DüsterhusMon, 24 Feb 2025 09:43:45 +0000
Nicolas GrekasMon, 24 Feb 2025 11:08:07 +0000
Tim DüsterhusMon, 24 Feb 2025 12:48:14 +0000
Nicolas GrekasMon, 24 Feb 2025 13:44:53 +0000
Marco PivettaMon, 24 Feb 2025 13:57:32 +0000
Sebastian BergmannMon, 24 Feb 2025 14:23:44 +0000
Gina P. BanyardMon, 24 Feb 2025 13:57:55 +0000
Hammed AjaoMon, 24 Feb 2025 14:05:37 +0000
Tim DüsterhusMon, 24 Feb 2025 16:22:39 +0000
Máté KocsisFri, 14 Mar 2025 21:23:06 +0000
Nicolas GrekasMon, 24 Feb 2025 14:29:28 +0000
ignace nyamagana buteraTue, 25 Feb 2025 16:00:32 +0000
ignace nyamagana buteraTue, 25 Feb 2025 16:00:32 +0000
Máté KocsisFri, 14 Mar 2025 19:54:22 +0000
Máté KocsisFri, 14 Mar 2025 19:45:23 +0000
ignace nyamagana buteraFri, 14 Mar 2025 22:26:04 +0000
Máté KocsisMon, 17 Mar 2025 19:58:27 +0000
Paul M. JonesTue, 18 Mar 2025 17:00:55 +0000
Máté KocsisTue, 18 Mar 2025 20:15:52 +0000
Paul M. JonesWed, 19 Mar 2025 15:13:42 +0000
Máté KocsisTue, 25 Mar 2025 08:45:12 +0000
Paul M . JonesFri, 28 Mar 2025 15:44:14 +0000
Máté KocsisMon, 05 May 2025 21:32:33 +0000
Ignace Nyamagana ButeraWed, 19 Mar 2025 21:18:24 +0000
Paul M. JonesSat, 22 Mar 2025 14:01:45 +0000
Tim DüsterhusSun, 30 Mar 2025 11:25:15 +0000
Máté KocsisThu, 27 Mar 2025 21:04:27 +0000
Ignace Nyamagana ButeraThu, 27 Mar 2025 22:49:39 +0000
Tim DüsterhusSun, 30 Mar 2025 12:42:33 +0000
Ignace Nyamagana ButeraSun, 30 Mar 2025 20:53:57 +0000
Ignace Nyamagana ButeraMon, 31 Mar 2025 19:15:47 +0000
Máté KocsisWed, 02 Apr 2025 17:59:11 +0000
Ignace Nyamagana ButeraFri, 04 Apr 2025 17:46:55 +0000
Máté KocsisWed, 02 Apr 2025 20:41:55 +0000
Máté KocsisSun, 02 Mar 2025 22:00:08 +0000
Tim DüsterhusSun, 30 Mar 2025 12:36:04 +0000
Máté KocsisSun, 13 Apr 2025 12:10:52 +0000
Tim DüsterhusTue, 15 Apr 2025 14:20:52 +0000
Ignace Nyamagana ButeraTue, 15 Apr 2025 17:12:37 +0000
Máté KocsisTue, 15 Apr 2025 21:55:25 +0000
Tim DüsterhusThu, 17 Apr 2025 07:22:34 +0000
Máté KocsisThu, 17 Apr 2025 11:18:21 +0000
ignace nyamagana buteraThu, 17 Apr 2025 11:49:54 +0000
Máté KocsisThu, 17 Apr 2025 11:53:34 +0000
Máté KocsisThu, 17 Apr 2025 12:04:53 +0000
Paul M. JonesThu, 17 Apr 2025 20:47:46 +0000
Tim DüsterhusThu, 17 Apr 2025 20:58:53 +0000
Paul M. JonesThu, 17 Apr 2025 21:14:55 +0000
Tim DüsterhusThu, 17 Apr 2025 21:19:20 +0000
Tim DüsterhusWed, 23 Apr 2025 10:50:44 +0000
ignace nyamagana buteraSun, 27 Apr 2025 20:30:24 +0000
Tim DüsterhusSun, 27 Apr 2025 20:32:44 +0000
ignace nyamagana buteraSun, 27 Apr 2025 20:50:45 +0000
Tim DüsterhusSun, 27 Apr 2025 21:05:37 +0000
Máté KocsisSat, 03 May 2025 21:18:35 +0000
Máté KocsisSun, 27 Apr 2025 21:47:04 +0000
Tim DüsterhusSun, 27 Apr 2025 22:33:15 +0000
ignace nyamagana buteraMon, 28 Apr 2025 07:05:29 +0000
ignace nyamagana buteraMon, 28 Apr 2025 08:42:23 +0000
Máté KocsisMon, 28 Apr 2025 21:20:57 +0000
ignace nyamagana buteraMon, 28 Apr 2025 21:31:02 +0000
ignace nyamagana buteraTue, 29 Apr 2025 08:54:45 +0000
Tim DüsterhusTue, 29 Apr 2025 18:55:04 +0000
ignace nyamagana buteraWed, 30 Apr 2025 07:58:02 +0000
ignace nyamagana buteraWed, 30 Apr 2025 16:42:03 +0000
Máté KocsisSat, 03 May 2025 21:07:43 +0000
Máté KocsisSat, 03 May 2025 21:05:56 +0000
Paul M. JonesMon, 28 Apr 2025 19:49:24 +0000
ignace nyamagana buteraMon, 28 Apr 2025 20:47:49 +0000
Paul M. JonesTue, 29 Apr 2025 13:55:31 +0000
ignace nyamagana buteraTue, 29 Apr 2025 20:08:24 +0000
Dennis SnellWed, 05 Mar 2025 22:45:37 +0000
Máté KocsisSat, 15 Mar 2025 22:05:14 +0000
Máté KocsisTue, 25 Mar 2025 22:23:03 +0000
Dennis SnellTue, 25 Mar 2025 23:06:03 +0000
Dennis SnellTue, 25 Mar 2025 23:53:08 +0000
Larry GarfieldSat, 31 Aug 2024 00:10:15 +0000
Máté KocsisSun, 24 Nov 2024 20:40:07 +0000
Tim DüsterhusFri, 29 Nov 2024 12:28:20 +0000
Tim DüsterhusFri, 29 Nov 2024 12:21:17 +0000
Máté KocsisThu, 05 Dec 2024 21:49:43 +0000
Christoph M. BeckerThu, 05 Dec 2024 23:16:10 +0000
Larry GarfieldThu, 05 Dec 2024 23:43:29 +0000
Gina P. BanyardSun, 23 Feb 2025 17:30:14 +0000
Paul M. JonesSun, 23 Feb 2025 17:57:09 +0000
Gina P. BanyardMon, 24 Feb 2025 00:48:06 +0000
Tim DüsterhusMon, 24 Feb 2025 09:36:48 +0000
Paul M . JonesTue, 25 Feb 2025 12:36:20 +0000
ignace nyamagana buteraTue, 25 Feb 2025 15:55:20 +0000
Paul M. JonesThu, 27 Feb 2025 13:48:02 +0000
Faizan Akram DarThu, 27 Feb 2025 21:01:10 +0000
Rob LandersThu, 27 Feb 2025 23:02:05 +0000
LynnFri, 28 Feb 2025 08:38:11 +0000
Rob LandersFri, 28 Feb 2025 09:26:48 +0000
Máté KocsisFri, 14 Mar 2025 21:41:28 +0000
ignace nyamagana buteraTue, 25 Feb 2025 15:55:20 +0000
Paul M. JonesThu, 27 Feb 2025 13:48:02 +0000
Faizan Akram DarThu, 27 Feb 2025 21:01:10 +0000
Rob LandersThu, 27 Feb 2025 23:02:05 +0000
LynnFri, 28 Feb 2025 08:38:11 +0000
Rob LandersFri, 28 Feb 2025 09:26:48 +0000
Máté KocsisFri, 14 Mar 2025 21:41:28 +0000
Tim DüsterhusMon, 24 Feb 2025 09:15:01 +0000
Máté KocsisWed, 12 Mar 2025 22:00:21 +0000
Tim DüsterhusSun, 30 Mar 2025 11:12:09 +0000
Máté KocsisMon, 10 Mar 2025 22:51:45 +0000
Larry GarfieldTue, 11 Mar 2025 04:34:37 +0000
Máté KocsisSat, 29 Mar 2025 22:18:53 +0000
Máté KocsisMon, 07 Apr 2025 23:00:25 +0000
Máté KocsisMon, 07 Apr 2025 23:27:06 +0000
Máté KocsisMon, 05 May 2025 21:36:05 +0000
Paul M. JonesWed, 07 May 2025 19:16:11 +0000
Gina P. BanyardWed, 07 May 2025 22:02:37 +0000
Paul M. JonesThu, 08 May 2025 17:38:08 +0000
Stephen ReaySat, 29 Jun 2024 09:31:41 +0000Re: [RFC] [Discussion] Add WHATWG compliant URL parsing API
BilgeSat, 29 Jun 2024 11:52:37 +0000
Máté KocsisSun, 07 Jul 2024 09:26:00 +0000

« previous	php.internals (#127247)	next »

From:	ignace nyamagana butera	Date:	Wed, 30 Apr 2025 07:58:02 +0000
Subject:	Re: [RFC] [Discussion] Add WHATWG compliant URL parsing API
References:	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message