-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validation provider doesn't decode external URIs before calling fs.readFile #69
Comments
Related to KhronosGroup/glTF#1100 — Suppose instead that the asset had a "?" in the filename, and a query parameter:
It's not intended that the query parameter be URI-encoded; that should be passed un-escaped to Although, spaces in particular are not a big problem for the web, as this code will automatically have spaces converted to fetch('https://www.example.com/?q=here is a query')
.then((response) => response.text()); |
More to the point, is it an invalid URI if it contains a space? |
Good question. I would think ideally we'd want glTF to be somewhat tolerant, like the web is. So an encoded space is official, but a non-encoded space is still functional. Query parameters on relative URIs are more questionable in my mind, since that's an HTTP protocol thing, and the root URI may be Obvious but worth noting that this doesn't affect "Embedded" files or the typical GLB that follows the embedded pattern, since the needed data is in the same file. It's only an issue for files that are broken into pieces (which is sometimes an indication the file is still being edited). |
Agreed. EDIT: More specifically, I agree tools should strive to support spaces. Most everything on the web already will. But I don't think we should loosen the spec to say |
It's a complex question. Officially, it shouldn't contain spaces, but there're some normalization rules to fix that on the fly. This issue is aimed at fixing |
Sure. I have no problem with the PR, feel free to merge that. But (now or later) I think we should think through whether the validator should be URI-encoding what is already supposed to be a valid URI. |
Fixed in |
Consider an asset like this:
externalResourceFunction
will be called withspaces%20in%20name.bin
(because it's an URI), andfs.readFile
will fail.The text was updated successfully, but these errors were encountered: