Closed spacid closed 1 month ago
Hi @luis100 and @hmiguim , can you confirm that this is indeed a bug in the validator code and not the expected behaviour as per the E-ARK specification? :) That way we can close the issue internally and know whether or not we have to change our samples or not.
Hello,
On my interpretation, the E-ARK specification allows any relative URL, which would include the ability to use .
and ..
, but the validator does a string comparison between the paths on the AIP (which are listed without any .
or ..
) and the URLs listed in the METS files, which then results in a failure.
The paths should then be normalized before comparing, but it is currently not done so. This is therefore a bug or lack of support from the validator.
PS: note that allowing ..
opens security concerns that must be also be dealt with to avoid path transversal.
Fixed in #286
Hi,
Currently, it is not allowed to use
./
as a relative path in the attribute@xlink:href
.A (non-exhaustive) snippet from the root METS.xml to illustrate:
This generates quite some errors:
Removing
./
results in a successful validation report. However, I believe that the spec should allow this or am I misinterpreting it? For example:As a sidenote, the issue description of CSIP66 contains a typo:
As is:
To be, as example: