bin/116005: libfetch accepts invalid URLs

Giorgos Keramidas keramida at
Mon Sep 17 05:30:09 PDT 2007

The following reply was made to PR kern/116005; it has been noted by GNATS.

From: Giorgos Keramidas <keramida at>
To: Howard Chu <hyc at>
Cc: bug-followup at
Subject: Re: bin/116005: libfetch accepts invalid URLs
Date: Sun, 16 Sep 2007 15:10:53 +0300

 On 2007-09-02 01:12, Howard Chu <hyc at> wrote:
 > >Number:         116005
 > >Category:       bin
 > >Synopsis:       libfetch accepts invalid URLs
 > The URL parser in libfetch does not enforce the RFC1738 syntax, and it
 > seems to have no clue about RFC1808. Most likely the code needs to be
 > refreshed in terms of RFC2396.
 > The URL syntax specifies that URLs with the form "scheme://authority"
 > may only be followed by an absolute path, if anything. Thus
 >   file:///tmp/junk
 > is valid (references "/tmp/junk")
 > libfetch also allows references like
 >   file://./foo/bar
 > (which references "./foo/bar")
 In one of the SCM projects I am closely tracking (Mercurial), the URL
 parser supports URIs of the form:
 and the argument of the developers for making the first one a relative
 path was that with this sort of URI syntax it is easy to specify both an
 absolute *and* a relative path [with ssh-tunneled repository clones,
 this is really _very_ useful at times :-)].
 > But the URI syntax does not allow relative paths to follow an
 > authority spec.
 That's interesting.  I am offline right now, but it would be nice to
 have a definitive reference to the relevant RFCs.  I'll look up at least
 the following:
 Any other related RFCs we should look at?

More information about the freebsd-bugs mailing list