Allowed characters in URLs transported in the body of an API call. 

**Problem description**
Allowed characters in URLs that are sent in the body of an API call, e.g.  TMF931 operation “/applicationOwner" with "privacyPolicyURL".  are defined in RFC 3896 

[Characters](https://datatracker.ietf.org/doc/html/rfc3986)

There is a set of reserved characters: 
reserved    = gen-delims / sub-delims

      gen-delims  = ":" / "/" / "?" / "#" / "[" / "]" / "@"

      sub-delims  = "!" / "$" / "&" / "'" / "(" / ")"
                  / "*" / "+" / "," / ";" / "="

and a set of unreserved 

     unreserved  = ALPHA / DIGIT / "-" / "." / "_" / "~"

However we have found in some cases implemented validation only allows  

     unreserved  = ALPHA / DIGIT 

**Possible evolution**

Include a statement in the documentation that validation should conform to RFC 3986 and allow :

      unreserved  = ALPHA / DIGIT / "-" / "." / "_" / "~

when an URL is sent as a part of the body.  




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allowed characters in URLs transported in the body of an API call. #391

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Allowed characters in URLs transported in the body of an API call. #391

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions