--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAJQw1Nx7a-wCL30hB3fdrNkkPYscrQLSDcjVn%2BLidG7OqreJPw%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/cb33ba97-8088-409e-9c26-ccb1a9ca10b9n%40chromium.org.
--
due to differences between platform implementations. However, they can become a security concern if an application attempts to filter access to resources based on the IP address in string literal format. If this filtering is performed, literals should be converted to numeric form and filtered based on the numeric value, and not on a prefix or suffix of the string form."
So we've been inconsistent with the IETF URI spec since at least 2005, and it may be time to fix the bug.
But properly!
Much thanks for your advice and checking the standard for the correct behavior.I'd like to provide some more detailed context here.The proposed change is a part of the URL section in interop 2023. Currently our URL parser treats [::1.2.3.] as shortened IPv4 addresses embedded in IPv6 and this is causing a bunch of WPT test failures.The URL RFC requires IPv4 address to consist of concisely four parts.I revisited the URL web standard and it found that it allows shortened IPv4 addresses without trailing dots and disallows embedding them into IPv6 addresses.Currently in chrome:- We are not validating the trailing dots in IPv4 and IPv4-embedded IPv6 addresses.- We allow shortened IPv4 addresses and embedding them into IPv6 addresses.My new proposal is to check the trailing dots in IP addresses and remove support for embedding shortened IPv4 addresses in IPv6 addresses.Does this make sense? Would you advise additional usage metrics to be collected?Much appreciatedJiacheng Guo
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOqqYVF7yPsUn9973GrRifEmqGT1OgJg%3DwVMc_8CdzeTi%2BmgFQ%40mail.gmail.com.