Trailing Slash?

Mark Rafn dagon at
Mon Oct 17 17:09:31 PDT 2005

> On Mon, Oct 17, 2005 at 12:32:37PM -0800, Christopher E. Granade wrote:
>> * The delegate identity URL must be canonical. It will not be further
>>   processed by the consumer, so be sure it has the "http://" and
>>   trailing slash, if there's no path component.
>>   NOTE: The consumer SHOULD append a trailing slash if appropriate, and
>>   if the login fails without the slash appended. Note also that a server
>>   SHOULD NOT recognize two identity URLs that differ only by a trailing
>>   slash.

On Mon, 17 Oct 2005, Dave Holland wrote:
> My web server (Apache, FWIW) issues a redirect with code 301 if the
> trailing slash is omitted from a directory-level URL. Is it worth saying
> something like...
>  [the URL] "will not be further processed by the consumer except to
>  follow HTTP redirects, so be sure..." [etc]
> or is that pushing too much work onto the consumer?

The consumer currently makes NO connection to the URL of the delegate 
identity.  Changing this seems like it would be a bad idea (especially if 
you then got into the idea of chained delegation...)

I don't see a strong argument against changing the spec to require a 
consumer to canonicalize (but not to fetch or to follow redirects) the 
delegate ID, but I also don't see any reason to do so.

Think of it this way: the claimed identity is intended to be typed into a 
form, or otherwise come from a human.  Flexibility is good, because humans 
are lazy and ignorant.

The delegated identity can ONLY come from a programmatic source (the 
contents of the canonicalized and resolved claimed identity URL), so 
there's no reason to require a consumer to guess the correct URL from a 
shorthand version.
Mark Rafn    dagon at    <>

More information about the yadis mailing list