uri: Use the “includes credentials” rule for WhatWg user/password getters #20303
Conversation
…ters The URL serializing algorithm from the WHATWG URL Standard uses an “includes credentials” rule to decide whether or not to include the `@` in the output, indicating the presence of a userinfo component in RFC 3986 terminology. Use this rule to determine whether or not an empty username or password should be returned as the empty string (present but empty) or NULL (not present).
|
P.S.: Now that I'm working on adding more tests, I realized that the RFC3986 implementation may also benefit from the same return value consolidation:
|
|
Oops, a few tests fail |
For this one I wanted to wait a bit whether or not the upstream lexbor issue is acknowledged before working around it. |
This nicely sidesteps the undefined behavior with passing a `(NULL, 0)` pair without needing manual logic.
|
While upstream seems to have acknowledged the issue, a fix is not yet available. I've therefore worked around the |
I can't wait for https://developers.redhat.com/articles/2024/12/11/making-memcpynull-null-0-well-defined to happen. |
* PHP-8.5: uri: Use the “includes credentials” rule for WhatWg user/password getters (#20303)
3 participants
Thinking about #20208 (comment) this change seems to be most in line with the current semantics of distinguishing between
nulland""for WHATWG. If we decide that null doesn't make sense for WHATWG, we can still change this, but for now this seems to be an actual bug fix.The URL serializing algorithm from the WHATWG URL Standard uses an “includes credentials” rule to decide whether or not to include the
@in the output, indicating the presence of a userinfo component in RFC 3986 terminology. Use this rule to determine whether or not an empty username or password should be returned as the empty string (present but empty) or NULL (not present).