uri.set_scheme should downcase schemes
From RFC 2396 section 3.1:
"For resiliency, programs interpreting URI should treat upper case letters as equivalent to lower case in scheme names (e.g., allow 'HTTP' as well as 'http')."
Currently programs using URI for HTTP vs HTTPS protocol check which protocol to use with a comparison like:
http.use_ssl = uri.scheme == 'https'
Since URI does not modify the input scheme this makes the check fragile. For example:
URI.parse('httpS://example').scheme # => "httpS"
Since RFC 2396 allows uppercase letters to be treated like lowercase I think #set_scheme should downcase its value.
Updated by drbrain (Eric Hodel) over 8 years ago
- Status changed from Assigned to Closed
- % Done changed from 0 to 100
This issue was solved with changeset r35305.
Eric, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.
- lib/uri/generic.rb (module URI): URI now downcases the scheme to follow RFC 2396 section 3.1. [ruby-trunk - Feature #4551]
- test/uri/test_generic.rb (class URI): Test for above