URL canonicalization
Dan Libby
danda at videntity.org
Wed Sep 14 14:53:28 PDT 2005
Hi, in my database, I need to uniquely keep track of visitors that are
logging in via remote OpenID servers. The best key available is their
identity url. But that leaves me with a question about how exactly to
canonicalize it, that the spec does not clearly address.
The spec says:
"Note that the user can leave off "http://" and the trailing "/". A
consumer must canonicalize the URL, following redirects and noting the
final URL. The final, canonicalized URL is the user's identity URL."
Okay, so case-insensitivity is fairly obvious. I'm already lower-casing
everything. But what about http vs https? For example, should
"https://sally.people.com/" be treated as a separate identity from
"http://sally.people.com/"? Or should the protocol be ignored?
I suppose the issue can be broadened to: the spec is a bit vague about
canonicalization of identity URLs. Can we get clarification?
thanks,
Dan Libby
More information about the yadis
mailing list