By the URI RFC there is only one way to represent a particular IPv4 address in the host of a URI: the standard dotted decimal notation of four bytes in decimal, delimited by periods, with no leading zeros allowed. That means there is only one textual representation of a particular IPv4 address.
However, as discussed in the URI RFC, there are other forms of IPv4 addresses that, although not officially allowed, are generally accepted. Many implementations used inet_aton to parse the address from the URI, and inet_aton accepts more than just dotted decimal. Each dot-delimited part can be in decimal, octal (if preceded by a '0') or hex (if preceded by '0x' or '0X'), and that applies to each part individually: they don't have to match. There need not be 4 parts either: there can be between 1 and 4 (inclusive). With fewer than 4 parts, the last part in the string represents all of the leftover bytes, not just one.
For example the following are all equivalent:
Standard dotted decimal form
All of the above
The bread and butter of URI-related security issues is when one part of the system disagrees with another about the interpretation of the URI, so this non-standard, non-normal form syntax has been a great source of security issues in the past. It's mostly well known now (CreateUri normalizes these non-normal forms to dotted decimal), but it is occasionally a good tool for bypassing naive URI blocking systems.
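As an added example (not code from this post or from any library), the Python below applies the inet_aton rules described above to reduce a host string to dotted decimal, so that a filter compares one canonical form instead of raw text. The names `normalize_ipv4_host` and `is_blocked` are hypothetical, and the sample spellings are constructed from the documentation address 192.0.2.1.

```python
import re

# Per-part syntax accepted by inet_aton-style parsers: hex, octal, or decimal.
_PART = re.compile(r"^(?:0[xX][0-9a-fA-F]+|0[0-7]*|[1-9][0-9]*)$")


def normalize_ipv4_host(host):
    """Return the dotted-decimal form of an inet_aton-style IPv4 host,
    or None if the string is not an IPv4 address in any of those forms."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = []
    for part in parts:
        if not _PART.match(part):
            return None
        if part[:2].lower() == "0x":
            values.append(int(part, 16))
        elif part.startswith("0"):
            values.append(int(part, 8))
        else:
            values.append(int(part, 10))
    # Leading parts are one byte each; the last part fills the remaining bytes.
    *leading, last = values
    if any(v > 0xFF for v in leading):
        return None
    remaining = 4 - len(leading)
    if last >= 1 << (8 * remaining):
        return None
    address = last
    for i, v in enumerate(leading):
        address |= v << (8 * (3 - i))
    return ".".join(str((address >> s) & 0xFF) for s in (24, 16, 8, 0))


def is_blocked(host, blocked):
    """Compare canonical forms so every spelling of an address matches.
    `blocked` is a set of dotted-decimal strings."""
    canonical = normalize_ipv4_host(host)
    return canonical is not None and canonical in blocked


# Constructed sample: spellings of the documentation address 192.0.2.1.
SAMPLES = ["192.0.2.1", "0300.0.02.0x1", "192.0.513", "192.513",
           "0xC0000201", "3221225985"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:>14} -> {normalize_ipv4_host(s)}")
```

The normalization has to happen in the same component that enforces the policy, and on the same string the fetching component will parse, otherwise the two can still disagree.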
2011 Apr 30, 4:33
"The HTTP-based Memento framework bridges the present and past Web by interlinking current resources with resources that encapsulate their past. It facilitates obtaining representations of prior
states of a resource, available from archival resources in Web archives or version resources in content management systems, by leveraging the resource's URI and a preferred datetime. To this
end, the framework introduces datetime negotiation (a variation on content negotiation), and new Relation Types for the HTTP Link header aimed at interlinking resources with their archival/version
resources. It also introduces various discovery mechanisms that further support bridging the present and past Web."
technical rfc reference http header time memento archive
2010 May 24, 6:26
"What You See is What They Get: Protecting users from unwanted use of microphones, cameras, and other sensors," by Jon Howell and Stuart Schechter.
"We introduce the sensor-access widget, a graphical user interface element that resides within an application's display. The widget provides an animated representation of the personal data being
collected by its corresponding sensor, calling attention to the application's attempt to collect the data."
2010 Apr 21, 6:51
Adds SHA 256 & 512 to HTTP instance digest: 'The IANA registry named "Hypertext Transfer Protocol (HTTP) Digest Algorithm Values" defines values for digest algorithms used by Instance Digests in
HTTP. Instance Digests in HTTP provide a digest, also known as a checksum or hash, of an entire representation of the current state of a resource. This document adds new values to the registry and
updates previous values.'
hash cryptography http instance-digest sha security technical ietf rfc standard
2009 Oct 28, 8:31
"The presentation will focus on the pioneering work of Paul Otlet, Vannevar Bush, and Doug Engelbart, forebears of the 1960s and 1970s like Ted Nelson, Andries van Dam, and the Xerox PARC team, and
more recent forays like Brown's Intermedia system." Covers things like As We May Think and others who could have made the Web. Would love to have this as a summary with links to everything
rather than a video =)
via:connolly technical google video internet web information technology memex
2009 May 3, 4:36
Besides being an interesting presentation with real world examples of Web ideas applied to museums, the presentation itself (although it's all icky Flash) is lovely.
via:mattb museum flash presentation visualization