The change for #954 introduced a regression that would cause
the url parser to fail on special chars found in the auth
segment. Fix that, and also don't create invalid urls when
format() is called on an object containing an auth member
containing '@' characters or delimiters.
1. Allow single-quotes in urls, but escape them.
2. Add comments about which RFCs we're following for guidance.
3. Handle any invalid character in the hostname portion.
4. lcase protocol and hostname portions, since they are
case-insensitive.
This does 3 things:
1. Delimiters and "unwise" characters are never included in the
hostname or path.
2. url.format will sanitize string URLs that are passed to it.
3. The parsed url's 'href' member will be the sanitized url, which may
not match the argument to url.parse.
Now the path module can be adapted to support windows paths without breaking
the url module. It also allows the undocumented keepBlanks flag to be
removed from path.join and path.normalizeArray.
1. Express desired path.join behavior in tests.
2. Update fs.realpath to reflect new path.join behavior
3. Update url.resolve() to use new path.join behavior.
Note that "//" is still a special indicator for the hostname, and this does
not change the parsing of mailto: and other "slashless" url schemes. It
does however remove some oddness in url.parse(req.url) which is the most
common use-case for the url.parse function.
Also, make a slight change from original on url-module to put the
spacePattern into the function. On closer inspection, it turns out that the
nonlocal-var cost is higher than the compiling-a-regexp cost.
Also, documentation.
