On Thu, Apr 26, 2012 at 01:26:35PM +0100, Cooke, Mark wrote:
> ...so what about users using non-latin character sets?
> Surely not all subversion users are english?
American or British or Hiberno or some other English?
To a computer the difference would matter a lot.
> We are using plain-text `Basic` authentication (over https!) so
> subversion should surely be able to send the characters entered by the
> user?
The problem is that computers don't have a concept of "text" or
"characters". All they know is bits and bytes.
How a particular text appears in computer memory when represented
as bits and bytes can vary from system to system. For instance it might
depend on locale configuration settings, or system-wide encoding
conventions -- some systems don't even use ASCII (which is usually
used today to represent English text in memory).
If the client uses a different representation for a given piece of
text (password) than the server does, the client and server won't
understand each other properly. Even though when rendered on the screen
on either client or the server the text happens to appear exactly the
same, there is no such guarantee for its internal representation which
is used to match the provided password.
Misunderstandings like these can also happen with humans to a lesser
extent (humans have quite good error correction built-in), especially with
speakers of foreign languages (e.g. when they try to order drought beer
instead of draught beer :)
Received on 2012-04-26 18:58:48 CEST