Re: partial URLs ? (was <p> ... </p>)

James R Grinter ([email protected])
Wed, 20 Dec 1995 11:38:03 +0000


On Wed 20 Dec, 1995, Jon Wallis <[email protected]> wrote:
>At 13:19 19/12/95 -0600, BearHeart/Bill Weinman wrote:
>>
>> The problem with the parial URLs may be the "../" references.
>>
>> Some servers, and perhaps some browsers too, disallow them because
>>they've been abused to get around security measures.
>
>That really shouldn't be a problem if the system is set up right - but since
>so many systems are poorly set up in terms of security I can believe it.
>
>However, it doesn't make sense to stop a browser using relative URLs, since
>the browser on its own can't pose a security threat. Also, not being able

Indeed. The spec specifies that relative/partial urls will work, and
the valid forms. (You can do "./" rather than having to use "index.html"
or other uglyness, for example).

Servers do indeed drop '..' parts so that someone can't try
and reference a document outside the 'document tree'. That's only wise.

A browser not implementing relative URLs is broken.

-- jrg.