Re: partial URLs ? (was <p> ... </p>)
James R Grinter (jrg@demon.net)
Wed, 20 Dec 1995 11:38:03 +0000
On Wed 20 Dec, 1995, Jon Wallis <j.wallis@wlv.ac.uk> wrote:
>At 13:19 19/12/95 -0600, BearHeart/Bill Weinman wrote:
>>
>> The problem with the parial URLs may be the "../" references.
>>
>> Some servers, and perhaps some browsers too, disallow them because
>>they've been abused to get around security measures.
>
>That really shouldn't be a problem if the system is set up right - but since
>so many systems are poorly set up in terms of security I can believe it.
>
>However, it doesn't make sense to stop a browser using relative URLs, since
>the browser on its own can't pose a security threat. Also, not being able
Indeed. The spec specifies that relative/partial urls will work, and
the valid forms. (You can do "./" rather than having to use "index.html"
or other uglyness, for example).
Servers do indeed drop '..' parts so that someone can't try
and reference a document outside the 'document tree'. That's only wise.
A browser not implementing relative URLs is broken.
-- jrg.