![[Unicode]](https://www.unicode.org/webscripts/logo60s2.gif){kind=small}
Technical Reports| Technical Reports |
| Version | 17.0 (draft 5) |
| Editors | Mark Davis, Markus Scherer |
| Date | 2025-10-07 |
| This Version | https://www.unicode.org/reports/tr58/tr58-1.html |
| Previous Version | none |
| Latest Version | https://www.unicode.org/reports/tr58/ |
| Latest Proposed Update | https://www.unicode.org/reports/tr58/proposed.html |
| Revision | 1 |
There are flaws in certain ways that URLs are typically handled, flaws that substantially affect their usability for most people in the world — because most people's writing systems don't just consist of A-Z.
When URLs are stored and exchanged in structured data, the start and end of each URL is clear, and it can be parsed according to the relevant specifications. However, when URLs appear as unmarked strings in text content, detecting their boundaries can be challenging. For example, some characters that are often used as sentence-level punctuation in text, such as parentheses, commas, and periods, can also be valid characters within a URL. Implementations often do not behave intuitively and consistently.
When a URL is inserted into text, non-ASCII characters and “special” characters can be percent-encoded, which can make it easy for a later process to find the start and end of the URL. However, escaping more characters than necessary, especially normal letters, can make the URL illegible for a human reader.
Similar problems exist for email addresses.
This document specifies two consistent, standardized mechanisms that address these problems, consisting of:
These two mechanisms are aligned, so that:
The focus is on links with the Schemes
http:, https:, and mailto: —
and links where those Schemes are missing but implied.
For these cases, the two mechanisms of detecting and formatting are aligned, so that:
a minimally escaped URL string between two spaces in flowing text is accurately detected,
and a detected URL works when pasted into address bars of major browsers.
This is a draft document which may be updated, replaced, or superseded by other documents at any time. Publication does not imply endorsement by the Unicode Consortium. This is not a stable document; it is inappropriate to cite this document as other than a work in progress.
A Unicode Technical Standard (UTS) is an independent specification. Conformance to the Unicode Standard does not imply conformance to any UTS.
Please submit corrigenda and other comments with the online reporting form [Feedback]. Related information that is useful in understanding this document is found in the References. For more information see About Unicode Technical Reports and the Specifications FAQ. Unicode Technical Reports are governed by the Unicode Terms of Use.
Review Note: Add to ToC.
The standards for URLs and their implementations in browsers generally handle Unicode quite well, permitting people around the world to use their writing systems in those URLs. This is important: in writing their native languages, the majority of humanity uses characters that are not limited to A-Z, and they expect other characters to work equally well. But there are certain ways in which their characters fail to work seamlessly. For example, consider the common practice of providing user handles such as:
The first three of these works well in practice. Copying from the address bar and pasting into text provides a readable result. However, the fourth example illustrates that copying handles with non-ASCII characters result in the unreadable https://www.youtube.com/@%ED%95%91%ED%81%AC%ED%90%81 in many browsers (Safari excepted). The names also expand in size: https://hi.wikipedia.org/wiki/महात्मा_गांधी turns into a very long string like https://hi.wikipedia.org/wiki/%E0%A4%AE%E0%A4%B9...%E0%A5%80. (While many people cannot read "महात्मा_गांधी", nobody can read %E0%A4%AE%E0%A4%B9...%E0%A5%80.) This unintentional obfuscation also happens with URLs using Latin-script characters, such as https://en.wikipedia.org/wiki/Anton%C3%ADn_Dvo%C5%99%C3%A1k — and very few languages using Latin-script characters are limited to the ASCII letters A-Z; English being a notable exception. This situation is doubly frustrating for people because the un-obfuscated URLs such as https://www.youtube.com/@핑크퐁 and https://en.wikipedia.org/wiki/Antonín_Dvořák work fine as plain text; you can copy and paste them back into your address bar — they go to the right page and display properly in the address bar.
The first three of these work well in practice. Copying from the address bar and pasting into text provides a readable result. However, the last example contains non-ASCII characters. In many browsers this turns into an unreadable string:
The names also expand in size and turn into very long strings:
While many people cannot read "महात्मा_गांधी", nobody can read %E0%A4%AE%E0%A4%B9...%E0%A5%80. This unintentional obfuscation also happens with URLs using Latin-script characters:
Very few languages using Latin-script characters are limited to the ASCII letters A-Z; English being a notable exception. This situation is doubly frustrating for people because the un-obfuscated URLs such as https://www.youtube.com/@핑크퐁 and https://en.wikipedia.org/wiki/Antonín_Dvořák work fine as plain text; you can copy and paste them back into your address bar — they go to the right page and display properly in the address bar.
Notes
- Following WHATWG URL: Goals, this specification uses the term URL broadly, as including unescaped non-ASCII characters; that is, as utilizing the formal definition of IRIs. See also the W3C’s An Introduction to Multilingual Web Addresses.
- This specification uses the term URL broadly, as including unescaped non-ASCII characters; in other words, treating it as matching the formal definition of IRIs. Standardizing on the term “URL” and avoiding the terms “URI” and “IRI” follows the practice promoted by the WHATWG in URL Standard: Goals.
See also the W3C’s An Introduction to Multilingual Web Addresses.- In examples, links will be shown with a background color, to make the extent of the linkification clear.
- Serialization is the process of translating data into a format that can be stored or transmitted, and exactly reconstructed later. This document is concerned with serialization of a URL expressed in Unicode as people would see in an address bar into a readable textual form, not serialization into an internal format such as Punycode.
Review Note: Add to ToC.
There is one other area that needs to be fixed in order to not treat non-English languages as second-class citizens. Email addresses should also work well for all languages. With most email programs, when someone pastes in the plain text:
and sends to someone else, they receive it as:
Review Note: Add to ToC.
URLs are also “linkified” in many other applications, such when pasting into a word processor (triggered by typing a space afterwards, for example). However, many products (many text messaging apps, video messaging chats, etc.) completely fail to recognize any non-ASCII characters past the domain name. And even among those that do recognize such non-ASCII characters, there are gratuitous differences in where they stop linkifying.
Linkification is the process of adding links to URLs and email addresses in plain text input, such as in emails email body text, text messaging, or video meeting chats. The first step in this process is link detection, which is determining the boundaries of spans of text that contain URLs. That substring can then have a link applied to it in output text. The functions that perform these operations are called a link detector and linkifier, respectively.
The specifications for a URL don’t specify how to handle link detection, since they are only concerned with the structure in isolation, not when it is embedded within flowing text. The lack of a clear specification for link detection also causes many implementations to overuse percent escaping for non-ASCII characters when converting URLs into plain text.
The linkification process for URLs is already fragmented — with different implementations producing very different results — but it is amplified with the addition of non-ASCII characters, which often have very different behavior. That is, developers’ lack of familiarity with the behavior of non-ASCII characters has caused the different implementations of linkification to splinter. Yet non-ASCII characters are very important for readability. People do not want to see the above URL expressed in escaped ASCII:
Different implementations linkify URLs and email addresses differently even when they contain only ASCII characters. The differences are even greater when non-ASCII characters are used. Handling letters of all writing systems well is very important for usability. Consider the last example above of a sentence in an email when displayed with a percent-escaped URL:
For example, take the lists of links on List of articles every Wikipedia should have in the available languages. When those links are tested with major products, there are significant differences: any two implementations are likely to linkify those differently, such as terminating the linkification at different places, or not linkifying at all. That makes it very difficult to exchange URLs between products within plain text, which is done surprisingly often — definitely causing problems for implementations that need predictable behavior.
This inconsistency causes problems for users and software companies. Having consistent rules for linkification also has additional benefits, leading to solutions for the following reported problems:
If linkification behavior becomes more predictable across platforms and applications, applications will be able to do minimal escaping. For example, in the following only one character would need escaping, the %29 — representing an unmatched “)”:
Providing a consistent, predictable solution that works well across the world’s languages requires standardized algorithms to define the behavior, and the corresponding Unicode character properties covering all Unicode characters.
UTS58-C1. For a given version of Unicode, a conformant implementation shall replicate the same link detection results as those produced by Section 3, Link Detection Algorithm.
UTS58-C2. For a given version of Unicode, a conformant implementation shall replicate the same minimal escaping results as those produced by Section 4, Minimal Escaping.
UTS58-C3. For a given version of Unicode, a conformant implementation shall replicate the same email link detection results as those produced by Section 5, Email Addresses.
The following table shows the relevant parts of a URL. For clarity, the separator characters are included in the examples. For more information see WhatWG's URL: Example URL Components .
Table 3-1. Parts of a URL
| Scheme | Host (incl. Domain) | Port | Path | Query | Fragment |
|---|---|---|---|---|---|
| https:// | docs.foobar.com | :8000 | /knowledge/area/ | ?name=article&topic=seo | #top |
Note that the Scheme, Port, Path, Query, and Fragment are each optional.
Review Note: Draft 5 changes “Protocol” to “Scheme” (which was already also used).
There are two main processes involved in Unicode link detection.
The start of a URL is easy to determine when it has a known Scheme (eg, “https://”).
Implementations have also developed heuristics for determining the start of the URL when the Scheme is elided, taking advantage of the fact that there are relatively few top-level domains. And those techniques can be easily applied to internationalized domain names, which still have strong limitations on the valid characters. So the end of the domain name is also relatively easy to determine. For more information, see UTS #46, Unicode IDNA Compatibility Processing.
The parsing up to the path, query, or fragment is as specified in WHATWG URL: 4.4. URL parsing.
For example, implementations must terminate link detection if a forbidden host code point is encountered, or if the host is a domain and a forbidden domain code point is encountered. Implementations must not linkify if a domain is not a registrable domain. The terms forbidden host code point, forbidden domain code point, and registrable domain are defined in WHATWG URL: Host representation.
For example, an implementation would parse to the end of microsoft.com and google.de, foo.рф, or xn--j1ay.xn--p1ai.
Termination is much more challenging, because of the presence of characters from many different writing systems. While small, hard-coded sets of characters suffice for an ASCII implementation, there are over 150,000 Unicode characters, many with quite different behavior than ASCII. While in theory, almost any Unicode character can occur in certain fields in a URL URL parts, in practice many characters have very restricted usage in URLs.
Initiation stops at any Path, Query, or Fragment, so the termination process takes over with a “/”, “?”, or “#” character. Each Path, Query, or Fragment can contain most Unicode characters. The key is to be able to determine, given a URL Part (such as a Query), when a sequence of characters should cause termination of the link detection, even though that character would be valid in the URL specification.
It is impossible for a link detection algorithm to match user expectations in all circumstances, given the variation in usage of various characters both within and across languages. So the goal is to cover use cases as broadly as possible, recognizing that it will sometimes not match user expectations in certain cases. Exceptional cases (URLs that need to use characters that would terminate) can still be appropriately linkified if those few characters are represented with % escapes.
At a high level, this specification defines three features:
One of the goals is also predictability; it should be relatively easy for users to understand the link detection behavior at a high level.
This specification defines two properties:
Review Note: Should we in fact define distinct short property aliases? If so, then LTerm / LOpener, or ones that start with “Link”?
Link_Termination is an enumerated property of characters with five
enumerated values: {Include, Hard,
Soft, Close, Open}
The short property value aliases are the same as the long ones.
Table 3-2. Link_Termination Property Values
| Value | Description / Examples |
|---|---|
| Include | There is no stop before the character; it is included in the link. |
Example: letters
|
|
| Hard | The URL terminates before this character. |
Example: a space
|
|
| Soft | The URL terminates before this
character, if it is followed by /\p{Link_Termination=Soft}*(\p{Link_Termination=Hard}|$)/
|
Example: a question mark
|
|
| Close | If the character is paired with a previous character in the same URL Part (path, query, fragment) and in the same subpart (that is, not across interior '/' in a path, or across '&' or '=' in a query), within the same sequence of characters delimited by separators as described in the Termination Algorithm below, it is treated as Include. Otherwise it is treated as Hard. |
Example: an end
parenthesis
|
|
| Open | Used to match Close characters. |
| Example: same as under Close |
Link_Paired_Opener is a string property of characters, which for each character in \p{Link_Termination=Close}, returns a character with \p{Link_Termination=Open}.
Example
The specification of the characters with each of these property values is given in Property Assignments.
The termination algorithm assumes that a domain (or other host) has been successfully parsed to the start of a Path, Query, or Fragment, as per the algorithm in WHATWG URL: 3. Hosts (domains and IP addresses) .
This algorithm then processes each final URL Part [path, query, fragment] of the URL in turn. It stops when it encounters a code point that meets one of the terminating conditions and reports the last location in the current URL Part that is still safely considered part of inside the link. The common terminating conditions are based on the Link_Termination and Link_Paired_Opener properties:
Link_Termination=Hard character, such as a space.
Within a Path, “?” and “#” are handled as Hard. Within
a Query, “#’ is handled as Hard.
Link_Termination=Soft character, such as a ?
that is followed by a sequence of zero or more Soft
characters, then either a Hard character or the end of
the text.
Link_Termination=Close character, such as a
] that does not have a matching Open
character in the same Part of the URL. The matching process
uses the Link_Paired_Opener property to determine the correct Open
character, and matches against the top element of a stack of Open
characters.
More formally:
The termination algorithm begins after the Host (and optionally
Port) have been parsed, so there is potentially a Path, Query, or
Fragment. In the algorithm below, each of those URL Parts has an
initiator character, zero or more terminator characters,
and zero or more clearStackOpen characters.
Table 3-3. Link Termination by URL Part
| Part | initiator | terminators | clearStackOpen | Conditions |
|---|---|---|---|---|
| path | '/' | [?#] | [/] | |
| query | '?' | [#] | [=&] | |
| fragment | '#' | [{:~:}] | [] | |
| fragment directive (text) | :~:text= | [{:~:}] | [-&,{:~:}] | Only invoked if in a fragment or in a fragment directive. There may be multiple fragment directives in a single URL. |
If a future type of directive is defined, a new row will be needed in this table to reflect its structure.
Note about fragment directives:
Currently the only fragment directive that has been defined is the text directive,
as in https://example.com#:~:text=foo&text=bar.
Additional fragment directives may be defined in the future,
and their internal structure may differ from that of the text directive.
At that time, this algorithm will need to be adjusted,
including new rows in the table above and adjusting the initiators, terminators, and clearStackOpen.
For more information, see
URL Fragment Text Directives.
Review Note: In a fragment directive,
the dash '-' is used as an affix rather than as a separator like comma and ampersand:
#:~:text=[prefix-,]start[,end][,-suffix]
Discuss whether to keep the dash in clearStackOpen.
In the following:
cp[i] refers to the ith code point in the
string being parsed, cp[start] is the first code point being
considered, and n is the length of the string.
Review Note: Draft 5 changes details of the algorithm without major logical changes and without detailed change markup.
Review Note: The openStack was unbounded, which is bad for implementations and for security. Draft 5 makes it bounded, with a maximum stack depth of 127. When the stack is at its maximum depth, then another Open character terminates the link before that character. Discuss the maximum depth and behavior.
lastSafe = start — this marks the offset after the
last code point that is included in the link detection (so far).part = none.openStack.i = start to n - 1
part ≠ none and one of the part.terminators matches at i
previousPart = part.part = none.part == none then try to match one of the URL Part initiators at i.
initiators match, then stop and return lastSafe.part according to which URL Part’s initiator matches.part is a Fragment Directive and previousPart
is neither a Fragment nor a Fragment Directive,
then stop and return lastSafe.i to just after the matched part.initiator.lastSafe = i.openStack.part.clearStackOpen elements matches at i
i to just after the matched part.clearStackOpen element.lastSafe = i.openStack.LT = Link_Termination(cp[i]).LT == Include
lastSafe = i + 1.LT == Soft
LT == Hard
lastSafeLT == Open
openStack.length() == 127, then stop and return lastSafe.cp[i] onto openStacklastSafe = i + 1.LT == Close
openStack.isEmpty(), then stop and return lastSafe.lastOpen = openStack.pop().Link_Paired_Opener(cp[i]) == lastOpen
lastSafe = i + 1.lastSafe.lastSafe.For ease of understanding, this algorithm does not include all features of URL parsing. In implementations, the algorithm can be optimized in various ways, of course, as long as the results are the same.
The property assignments are currently derived according to the following descriptions. A full listing of the assignments are supplied in Property Data. Note that most characters that cause link termination are still valid, but require % encoding.
Whitespace, non-characters, deprecated characters, controls, private-use, surrogates, unassigned,...
Termination characters and ambiguous quotation marks:
Derived from Link_Paired_Opener property
if Bidi_Paired_Bracket_Type(cp) == Open then Link_Termination(cp) = Open
else if Bidi_Paired_Bracket_Type(cp) == Close then Link_Termination(cp) = Close
else if cp == "<" then Link_Termination(cp) = Open
else if cp == ">" then Link_Termination(cp) = Close
All other code points
if Bidi_Paired_Bracket_Type(cp) == Close then Link_Paired_Opener(cp) = Bidi_Paired_Bracket(cp)
else if cp == ">" then Link_Paired_Opener(cp) = "<"
else Link_Paired_Opener(cp) = \x{0} none
Only characters with Link_Termination=Close have a Link_Paired_Opener mapping.
The goal is to be able to generate a serialized form of a URL that:
The minimal escaping algorithm is parallel to the linkification algorithm. Basically, when serializing a URL, a character in a Path, Query, or Fragment is only percent-escaped if it is: Hard, Close when unmatched, or Soft when it is the code point (in) a URL part terminator in the enclosing URL part.
This algorithm only handles the formatting of the Path, Query, and Fragment URL Parts. Formatting of the Scheme, Host, and Port should be done as is customary for those URL Parts. For the Host (domain name), see also UTS #46: Unicode IDNA Compatibility Processing and its ToUnicode operation.
In the following:
cp[i] refers to the ith code point in the URL part
being serialized, cp[0] is the first code point in the part, and npart.terminators and a “/” within part of a Path.output = ""outputpart in any non-empty Path, Query, Fragment,
successively:
output: part.initiatorcopiedAlready = 0openStacki = 0 to n - 1part.terminators contains cp[i] one of the part.terminators matches at i
LT = HardLT = Link_Termination(cp[i])part.clearStackOpen contains cp[i] one of the part.clearStackOpen elements matches at i, clear the openStack.LT == Include
output: any code points between
copiedAlready (inclusive) and i (exclusive)output: cp[i]copiedAlready = i + 1LT == Hard
output: any code points between
copiedAlready (inclusive) and i (exclusive)output: percentEscape(cp[i])copiedAlready = i + 1LT == Soft
LT == Open
openStack.length() == 127, then do the same as LT == Hard.cp[i] onto openStack and
do the same as LT == IncludeLT == Close
lastOpen = openStack.pop(), or 0 if the
openStack is emptyLink_Paired_Opener(cp[i]) == lastOpen
LT == IncludeLT == Hardpart is not last
output: all code points between copiedAlready
(inclusive) and n (exclusive)copiedAlready < n
output: all code points between copiedAlready
(inclusive) and n - 1 (exclusive)output: percentEscape(cp[n - 1])The algorithm can be optimized in various ways, of course, as long as the results are the same. For example, the interior escaping for syntactic characters can be combined into a single pass.
Additional characters can be escaped to reduce confusability, especially when they are confusable with URL syntax characters, such as a Ɂ character in a path. See Security Considerations below.
Email address link detection applies similar principles. An email address is of the form local-part@domain-name.
The algorithm is invoked whenever an '@' character is encountered at index n.
The algorithm scans backward from the '@' sign to find the start of the local-part,
assuming that another process has determined that the '@' sign is followed by a valid domain name,
terminating at index end (exclusive).
The pseudocode uses some subfunctions defined after the main body.
LocalPartUnquoted be the set consisting of [\p{Link_Termination=Include} - [\ "(),\:-<>@\[-\]\{\}]]LocalPartQuoted be the set consisting of [^\p{Link_Termination=Hard}["\\]]n+1 to determine if the '@' sign is followed by a valid domain name (terminating at index end).n > 0
cp[n - 1] == '\u0022' (double quote "),
set start = quoteStart(cp, n - 2) and skip scanning.cp[n - 1] == '.' || cp[n - 1] == '\\',
set start = n and skip scanning.i = n - 1 down to -1
i < 0, set start = 0 and terminate scanning.i == n - 1
cp[i] == '\u0022' (double quote "),
set start to be quoteStart(cp, n - 2) and terminate scanning.cp[i] == '.', set start = n and terminate scanning.cp[i] == '.'
cp[i + 1] == '.', set start = i + 2 and terminate scanning.cp[i] is not in LocalPartUnquoted,
set start = i + 1 and terminate scanning. —
Link_Termination(cp[i]) ≠ Include,
set start = i + 1 and terminate scanning.cp[start] == '.', set start = start + 1.start ≥ n, then return a failure code indicating that there was no email address containing that '@'.start, end.The function quoteStart(cp, beforeQuote) processes as follows and returns the start point.
cp[beforeQuote] == '\'
slashCount = getBackslashCountBefore(cp, beforeQuote)slashCount is even
(the backslash escapes the final double quote),
return beforeQuote + 2i = beforeQuote down to -1i < 0, return 0cp[i] == '\u0022' (double quote ") or cp[i] == '\'
slashCount = getBackslashCountBefore(cp, i)slashCount is odd even
(the initial double quote is not escaped),
return i + 1i = i - slashCount — Skip over slashescp[i] is not in LocalPartQuoted, return start = i + 1 beforeQuote + 2 —
Almost all assigned characters are permitted,
but the quoted local-part must begin with a double quote.The function getBackslashCountBefore(cp, i) simply determines
the number of '\' characters immediately, contiguously before
the offset i and returns that number.
A quoted local-part may include a broad range of Unicode characters. See RFC6530. For linkification, the values in a quoted local-part — while broader than in an unquoted locale-part — are more restrictive to prevent accidentally including linkifying more text than intended, especially since those code points are unlikely to be handled by mail servers in any event. The algorithm can be optimized in various ways, including can be adapted to produce an algorithm that is single-pass, as long as it produces the same results. For details of the format, see RFC6530.
Review Note: The algorithm is somewhat simpler than for URLs, because the structure is simpler.
There are slight complications to the algorithm to handle quoted locale-parts and because a valid email local-part cannot start or end with a ".", or contain a "..".
This algorithm includes as much as possible given those constraints., for example:
Table 5-1. Email Address Link Detection Examples
| See @example.😎 | No valid domain name |
| See @example.com | No linkification |
| See ….@example.com | No linkification |
| See abcd@example.com | Stop backing up when a space is hit |
| See .abcd@example.com | Start after the "." |
| See x..abcd@example.com | Start after the ".." |
| See x.abcd@example.com | Include the medial dot. |
| See アルベルト.アルベルト@example.com | Handle non-ASCII |
| See ".\\ア@ ルベ?ルト..アルベルト."@example.com | Handle quoted local-parts, which can contain most characters. The " and \ need to be escaped as \" and \\. |
The Minimal quoting algorithm for email addresses is straightforward:
The security considerations for Path, Query, and Fragment are far less important than for Domain names. See UTS #39: Unicode Security for more information about domain names.
There are documented cases of how Format characters can be used to sneak malicious instructions into LLMs; see Invisible text that AI chatbots understand and humans can’t?. URLs are just a small part aspect of the larger problem of feeding clean text to LLMs, both in building them and in querying them: making sure the text does not have malformed encodings, is in a consistent Unicode Normalization Form (NFC), and so on.
For security implications of URLs in general, see UTS #39: Unicode Security Mechanisms. For related issues, see UTS #55 Unicode Source Code Handling. For display of BIDI URLs, see also HL4 in UAX #9, Unicode Bidirectional Algorithm.
The assignments of Link_Termination and
Link_Paired_Opener property values are in https://www.unicode.org/Public/17.0.0/linkification/.
Draft 4 proposed the links data folder.
This could be confusing. PAG recommends linkification.
Review Note: For comparison to the related General_Category values, see the characters in:
The format for test files is not yet settled, but the files might look something like the following,
in https://www.unicode.org/Public/17.0.0/linkification/.
Review Note: Additional test data with URLs is slated to be added.
Review Note: TBD: Rename serialization to formatting, update the data files for draft 5.
As with other Unicode Properties, the algorithms and property derivations may be changed somewhat in successive versions to adapt to new information and feedback from developers and end users.
An implementation may wish to just make minimal modifications to its use of existing URL link detection and serialization formatting code. For example, it may use imported libraries for these services. The following provides some examples as to how that can be done.
The implementation may call its existing code library for link detection, but then post-process. Using such post-processing can retain the existing performance and feature characteristics of the code library, including the recognition of the Scheme and Host, and then refine the results for the Path, Query, and Fragment. The typical problem is that the code library terminates too early. For code libraries that 'mostly' handle non-ASCII characters this will be a fraction of the detected links.
initiator ([/?#]) of a Path, Query, or Fragment URL Part.The implementation calls its existing code library for the Scheme and Host. It then invokes code implementing the Minimal Escaping algorithm for the Path, Query, and Fragment.
TBD
Thanks to the following people for their contributions and/or feedback on this document: Arnt Gulbrandsen, Dennis Tan, Elika Etemad, Hayato Ito, Jules Bertholet, Markus Scherer, Mathias Bynens, Peter Constable, Robin Leroy, [TBD flesh out further]
The following summarizes modifications from the previous revision of this document.
links to linkification.Modifications for previous versions are listed in those respective versions.
© 2024–2025 Unicode, Inc. This publication is protected by copyright, and permission must be obtained from Unicode, Inc. prior to any reproduction, modification, or other use not permitted by the Terms of Use. Specifically, you may make copies of this publication and may annotate and translate it solely for personal or internal business purposes and not for public distribution, provided that any such permitted copies and modifications fully reproduce all copyright and other legal notices contained in the original. You may not make copies of or modifications to this publication for public distribution, or incorporate it in whole or in part into any product or publication without the express written permission of Unicode.
Use of all Unicode Products, including this publication, is governed by the Unicode Terms of Use. The authors, contributors, and publishers have taken care in the preparation of this publication, but make no express or implied representation or warranty of any kind and assume no responsibility or liability for errors or omissions or for consequential or incidental damages that may arise therefrom. This publication is provided “AS-IS” without charge as a convenience to users.
Unicode and the Unicode Logo are registered trademarks of Unicode, Inc. in the United States and other countries.