[7u8] [Re: RFR [7u6]: 7166896: DocumentBuilder.parse(String uri) is not IPv6 enabled. It throws MalformedURLException
Paul Sandoz
paul.sandoz at oracle.com
Tue Jul 10 19:26:14 UTC 2012
Hi Joe,
If you are gonna fix things to support IPv6 addresses in URLs i really think you need to make it work for URLs with international characters too.
On Jul 10, 2012, at 8:50 PM, Joe Wang wrote:
>>
>> 602 if (reader == null) {
>> 603 stream = xmlInputSource.getByteStream();
>> 604 if (stream == null) {
>> 605 URL location = new URL(escapeNonUSAscii(expandedSystemId));
>> 606 URLConnection connect = location.openConnection();
>> 607 if (!(connect instanceof HttpURLConnection)) {
>> 608 stream = connect.getInputStream();
>> 609 }
>>
>> If this is really about supporting non-percent encoded international characters in the system ID, then you can make a simple fix to support IPv6-based URLs in general: do not percent encoded *any* ascii characters.
>
> When encoding an url, aren't reserved characters supposed to be encoded as well?
>
Your fix does not do that:
2608 protected static String escapeNonUSAscii(String str) {
2609 if (str == null) {
2610 return str;
2611 }
2612 int len = str.length(), i=0, ch;
2613 for (; i < len; i++) {
2614 ch = str.charAt(i);
2615 // if it's not an ASCII 7 character, break here, and use UTF-8 encoding
2616 if (ch >= 128)
2617 break;
2618 }
2619
2620 // we saw no non-ascii-7 character
2621 if (i == len) {
2622 return str; // <--- reserved characters are not percent-encoded
2623 }
2624
I know it is deliberate attempt to avoid '[' and ']' characters being percent encoded, whether the URL has an IPv6 address or not, even though '[' and ']' are reserved characters outside of an IPv6 address .
My point is if you don't encode reserved ASCII characters when all the characters in the URL are ASCII characters then don't encode reserved ASCII characters when there are also international characters present that will be encoded. Then "escapeNonUSAscii" actually does what the method is called :-)
Otherwise the other, more preferable solution IMHO, is to remove the hack of using escapeNonUSAscii.
Paul.
More information about the core-libs-dev
mailing list