indieauth Link relations in HTTP Link header conflict with RFC 5988.

Link relations in HTTP Link header conflict with RFC 5988.

Open Zegnat opened this issue 6 years ago • 5 comments

IndieAuth registers 3 link relations: authorization_endpoint, token_endpoint, and redirect_uri. Additionally it requires both clients and servers to check HTTP Link headers for URLs with these relations.

According to RFC 5988 (as cited by IndieAuth) an _ (underscore) cannot be used by a link relation within the header field. A link’s relation type must match:

  relation-type  = reg-rel-type | ext-rel-type
  reg-rel-type   = LOALPHA *( LOALPHA | DIGIT | "." | "-" )
  ext-rel-type   = URI

RFC 8288 (which replaces RFC 5988, cf. #15) does not solve this for us. There a link’s relation type is defined using a slightly different ABNF but otherwise unchanged:

  relation-type  = reg-rel-type / ext-rel-type
  reg-rel-type   = LOALPHA *( LOALPHA / DIGIT / "." / "-" )
  ext-rel-type   = URI ; Section 3 of [RFC3986]

Feb 15 '18 15:02 Zegnat

indieauth indieauth copied to clipboard

Link relations in HTTP Link header conflict with RFC 5988.

indieauth
indieauth copied to clipboard