Should we drop the double slash in safe urls?


No. But let one slash also be used if desired.

“A pathname consisting of a single slash shall resolve to the root directory of the process. A null pathname shall not be successfully resolved. A pathname that begins with two successive slashes may be interpreted in an implementation-defined manner, although more than two leading slashes shall be treated as a single slash.”



Is the same as


and so is


I am not talking about the pathname portion of the url. I am talking about the separator between protocol and host.

We can debate if these terms are directly comparable with nrs urls, but looking at rfc0053 I am talking about the leading part of <safe-url> not the <path-query-fragment> part (the latter being equivalent to pathname in http urls).

See rfc2616 section 3.2.2 for more details (they call pathname abs_path).

To repurpose the example you give to illustrate where the root slashes of the pathname would be


is the same as


is the same as


but I am questioning whether we should have

safe:mav vs safe://mav

Related, bitcoin does not use // to separate protocol from address:

This is a good question cause we have the opportunity and why not? I would say most likely why not would be most are use to the way it is and will expect the same. Though increasingly people are more used to using the url address bar as a search field/quick action to a site. I start typing in amaz and it automatically puts in, at no point was https:// ever typed. But if one was expected to type out the url I would assume they would follow convention.


For safe it works well to think of it in terms of ssh rather than http. The ‘safe:’ in.


Is an indicator about which server you are accessing the files on. In our case the ‘server’ is the Safe Network itself.

Potentially one could change to some other or alternative safe network, maybe a local one. Using the same safe cli you could access some files there by:


Probably not the answer you wanted. But it’s a very logical and self consistent representation that views the entire network as a virtual server you can interact with just like you would ssh a present day server.

This might be an indication of a good way to brand the safe cli as a Safe Secure Shell, ie. SSSH.

I don’t see it that way. The spec on url doesn’t frame it that way either.

safe: is the protocol, ie what ‘language’ is being sent to and fro the wire between machines.

It’s not a hierarchy or a location. It’s the protocol.

I can see where you’re coming from, but I think the semantics of ‘protocol plus colon’ is exactly that, communicating what the protocol is. Claiming it as a location or whatever is not helpful.

safe4me:// would still be speaking the safe: protocol. So use safe: (or safe://).

It’s not speaking http protocol or ssh protocol or bitcoin protocol.

http has a headstart here because (without the protocol) can be assumed to be http protocol because of the .com being ubiquitous to that specific protocol. But safe:mav cannot be simplified since mav has no implication of which protocol to use to resolve the name, eg safe or ethereum or namecoin.

The debate is whether safe:<nrs-name> should be used instead of safe://<nrs-name>. Is the : enough of a separator or should we (for familiarity or whatever) use :// as the separator.

The debate is not about what each part around that separator means. That is well established across many implementations, many protocols, much history. I’m open to being convinced otherwise but so far I’m very much not convinced.


Yes correct from my understanding

Did you mean safe4me: or safe: ?

I would like to see the need for slashes to be removed. But with the history of the web, maybe we need to recognise still safe:// as well

Right now both options work in the safe browser


I did mean safe4me. I was using the example from the post above.

1 Like

If you are having the protocol, then leave as a colon double slash.
Double slash is useful for accessibility makes reading a lot easier.

The option would be to remove safe:// all together but that might not be ideal for the embedding of “safe” and awareness that the user is using a safe browser and not some random unsafe browser that has removed the protocol… which I wonder some were tending to a few months back.

Firefox I notice has the domain clear and the protocol and suffix detail in a lighter shade of grey. So, that kind of works well for making the domain very apparent.

Also, if the issue of NRS becomes that there is some other unique detail added to the domain, then that can be set among the protocol.

Merging the protocol and domain will not make it easier to understand or read.

I think breaking with the convention will cause a world of pain for developers and probably users because so much existing software, developer and user expectations are now formed around the existing standard.

For example, it would make hundreds of JavaScript libraries unusable (probably thousands) creating a significant additional cost for development, introducing bugs and reducing the utility because of the reduction in delivery of apps. Instead developers will have to convert safe URLs to and from double slash, and in some cases will have to rewrite libraries in order to get functionality which copes with the non standard format.

And it will persist for some time because I expect developers will remain reliant on libraries developed for the clearweb for the foreseeable future.

TL;DR: a really bad idea IMO!


Would it though? I’d honestly challenge this assumption.

For example using built-in javascript

u = new URL("")

Works as expected.

Copy into the browser address bar and it works.
does not automatically turn into a link in discourse.

2 out of 3 on my basic test worked… would be interesting to have more data.

The spec says without double slash is invalid for http urls but valid for non-http urls. :grimacing:


Agree I’m making an assumption here, but I am sure lots of code will exist out there that looks explicitly for the double slash. I’ve certainly seen it and written code like myself :blush: because it can be relied upon. I mentioned JavaScript, but of course this will apply to all languages, it’s just I’m most familiar with the JS libraries and code that I’ve been learning for the past four ish years.

This is true, but! :wink:

  • we’re talking about a use that is directly equivalent to http in terms of websites, so developers will both assume, and find it much easier to get going with Safe if the protocol has fewer differences than more. For example, keeping things similar probably made it much easier for me to demonstrate Solid apps on Safe. I think every difference we introduce will have a negative impact on the adoption of Safe by developers, and on their productivity, unless there’s a direct and immediate compensating benefit to the change. I don’t see that in this instance.
  • not many developers learn how to do stuff from the specs. They are hard to understand, and most prefer to learn by looking at existing code, blog posts etc, and of course StackExchange! So they tend to learn conventions first and specs if they really, really have to. The W3C specs are particularly gruesome IME. I have been reading them since the early nineties all through the development of HTML/CSS etc and I still struggle with them. Having said that, they’ve improved things a bit by providing primers for some specs.



Also about parsing beyond internet… protocol:// is a clear indication of something internet domain like. Simple something: could be alsorts of other contexts. Software highlighting urls is just one example that might fall over.

Change for change’s sake, is not worth thinking about… unclear any advantage.


How often do you use ssh?

Please, please keep this the default:

I get the double slash is not needed, but we should follow http://, ftp://, ssh:// notation. I dont want safenetwork to be unique just because it can be unique.
Some principles of the network will be hard for peple to understand and we cannot do much about it, but other things like this notation, we can make easy to understand just by making it same as things people already know. So please, dont try to reinvent a wheel.


Literally every day like this:

$ ssh

So for me the double slash is not part of ssh protocol, but I guess that must just be me.

It seems opinion is don’t change from double slash. I thought since the guy who invented the scheme thought the slashes were a mistake then we had a chance to correct this perceived mistake, but if people dislike the change then it doesn’t bother me. Thought it was worth considering.

Isn’t it also directly equivalent to mailto: urls for emailing? And bitcoin: urls for sending payments? I’m not trying to say “let’s not use slashes”, just trying to put all the cases forward for why we might drop it. I think those cases are strong, but in the end what matters is the user experience so I’m happy to forgo technicalities for the sake of that interest. But let’s not follow tradition without really exploring the other side properly.

Eyeballing it seems pretty even, and Ctrl^F shows 112 results both for :// and :< (only approx since some are duplicates and the formats vary).

I’m not really fussed either way, the question was a genuine question not a leading one. Been good to hear what people think about it.

1 Like

Those are typically hidden for machine use in context. The double slash matters for human readability.

1 Like

@mav I agree that there are cases where double slash is omitted, my point is about http and the convention rather than whether the spec allowes it. BTW Tim has also said that, well we’re stuck with it now, presumably because changing it on the old web would break a lot of stuff. But TBH, if browsers allowed it, it would get fixed quite quickly so I might be wrong about his reasoning. Maybe it’s because he has bigger fish to fry, and it isn’t really a problem.

1 Like

I agree but suspect a troublesome issue might be IOT and all those devices out there with old un-upgradable code.

1 Like