'URL containing the scheme but not the authority (hostname)?

Is it legal (and good practice, and well supported) to omit the "authority" component from a URL (typically the hostname) but specify a scheme (typically http: or https: ) ?

For example, are these valid urls?

  https:login.html   (relative hostname and path)
  https:/auth/login.html   (relative hostname, absolute path)

The expected behaviour, of course, would be to use the current hostname - path (relative).

(BTW, this assumes that the // after the scheme is part of the authority (host) component, I think this is the right intepretation)

The motivation is the (common) requirement that some pages of a website are to be accesed via https and other via http, and we'd like to use relative urls instead of absolute (to test in different environments).

urlhttps


Solution 1:[1]

According to RFC1738 the double slashes // are part of the protocol (scheme) specific data (so they are not compulsory according to this document).

But the HTTP protocol (RFC2616) in 3.2.2 makes the double slashes part of the scheme, so it's a must. No valid HTTP URL without them.

From RFC2616 3.2.1:

URIs in HTTP can be represented in absolute form or relative [ ... ] The two forms are differentiated by the fact that absolute URIs always begin with a scheme name followed by a colon.

... so if you specify the scheme then it already is considered an absolute URI.

Solution 2:[2]

According to RFC 3986:

  • the Scheme can only contain letters, numbers, and +.-
  • the // is part of the Authority

So:

  • scheme:    //authority    /path

This means

https://stackoverflow.com/auth/login.html
\____/\_________________/\______________/
   |          |                 |
scheme    authority            path

The Authority is optional, which means the following is also valid:

https:/auth/login.html
\____/\______________/
   |         |
scheme      path

The RFC notes another rule:

  • if you omit the Authority, the Path cannot begin to two slashes //
  • if you omit the Authority, the Path not need to begin with a /

To sum up:

  • https://stackoverflow.com/auth/login.html (valid)
  • https:///auth/login.html (invalid; path cannot begin with // when no authority present)
  • https://auth/login.html (invalid; path cannot begin with // when no authority present)
  • https:/auth/login.html (valid)
  • https:auth/login.html (valid)
  • https:/login.html (valid)
  • https:login.html (valid)
  • https:/ (valid)
  • https: (valid)

To answer your question

  • https:login.html: Yes
  • https:/auth/login.html Yes

Solution 3:[3]

After reading some sources, I think that the relevant reference is RFC1808

There it is explicitly stated that if a scheme name is specified, then the URL is assumed to be absolute.

It also comments (5.2) that RFC1630 allowed some relative URL with a scheme name, but:

  • the scheme name had to be the same as the current (base), and would be ignored
  • that behaviour was only implemented in old browsers
  • it's deprecated

In conclusion, the above urls are invalid.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1
Solution 2 Ryan M
Solution 3

Related Questions