Consider using the basic URL parser (i.e. disallowing blob URLs) #38
Comments
|
I don't think it matters either way. Because I am not parsing a URL string to a URL record, then transmitting the URL record (which would have a blob in the URL parser case). I am serializing the URL record back to a URL string again. So using URL Parser vs Basic URL Parser should be equivalent (blob URLs are implicitly allowed, but we would not transmit the blob object). URL Parser seemed a bit higher level which is why I went with it. Should I still change to Basic URL Parser? If you want to disallow blob URLs, I think we need an explicit check for it and throw a TypeError. |
|
You're right on both counts; the parser used doesn't matter in this case, and my suggestion doesn't properly disallow blobs. Probably leaving things scheme-agnostic makes more sense then, if there's no natural machinery for excluding blobs. So yeah, I'll close; thanks for setting me straight! |
Since these are being passed to other systems, blob URLs might not make sense there.
On the other hand, maybe they would, e.g. when web share targets are available. So maybe this is fine. But I wanted to raise the possibility.
The text was updated successfully, but these errors were encountered: