A Uniform Resource Identifier (URI) is a short string of characters identifying an abstract or physical resource (for example, a web page). A Uniform Resource Locator (URL) is a URI that identifies a resource through its primary access mechanism (e.g., its network
URIs are the standard way to name hypertext link destinations for tools such as web browsers. The string
URIs can be absolute or relative. An absolute identifier refers to a resource independent of context, while a relative identifier refers to a resource by describing the difference from the current context. Within a relative path reference, the complete path segments
There are many different URI schemes, each with specific additional rules and meanings, but they are intentionally made to be as similar as possible. For example, many URL schemes permit the authority to be the following format, called here an ip_server (square brackets show what's optional):
This format allows you to optionally insert a user name, a user plus password, and/or a port number. The host is the name of the host computer, either its name as determined by DNS or an IP address (numbers separated by periods). Thus the URI ''
Here are some of the most common schemes in use on Unix-like systems that are understood by many tools. Note that many tools using URIs also have internal schemes or specialized schemes; see those tools' documentation for information on those schemes.
http - Web (HTTP) server
This is a URL accessing a web (HTTP) server. The default port is 80. If the path refers to a directory, the web server will choose what to return; usually if there is a file named
A query can be given in the archaic key=value separated by the ampersand character (key can be repeated more than once, though it's up to the web server and its application programs to determine if there's any meaning to that. There is an unfortunate interaction with HTML/XML/SGML and the GET query format; when such URIs with more than one key are embedded in SGML/XML documents (including HTML), the ampersand (
ftp - File Transfer Protocol (FTP)
This is a URL accessing a file through the file transfer protocol (FTP). The default port (for control) is 21. If no username is included, the user name
gopher - Gopher server
gopher://ip_server/gophertype selector gopher://ip_server/gophertype selector%09search gopher://ip_server/gophertype selector%09search%09gopher+_string
The default gopher port is 70. gophertype is a single-character field to denote the Gopher type of the resource to which the URL refers. The entire path may also be empty, in which case the delimiting ''
selector is the Gopher selector string. In the Gopher protocol, Gopher selector strings are a sequence of octets which may contain any octets except 09 hexadecimal (US-ASCII HT or tab), 0A hexadecimal (US-ASCII character LF), and 0D (US-ASCII character CR).
mailto - Email address
This is an email address, usually of the form name@hostname. See mailaddr(7) for more information on the correct format of an email address. Note that any % character must be rewritten as %25. An example is __
news - Newsgroup or News message
A newsgroup-name is a period-delimited hierarchical name, such as ''
A message-id corresponds to the Message-ID of IETF RFC 1036, without the enclosing unique@full_domain_name. A message identifier may be distinguished from a news group name by the presence of the ''
telnet - Telnet login
The Telnet URL scheme is used to designate interactive text services that may be accessed by the Telnet protocol. The final
file - Normal file
The second format (e.g.,
man - Man page documentation
This refers to local online manual (man) reference pages. The command name can optionally be followed by a parenthesis and section number; see man(7) for more information on the meaning of the section numbers. This URI scheme is unique to Unix-like systems (such as Linux) and is not currently registered by the IETF. An example is __
info - Info page documentation
info:virtual-filename info:virtual-filename#nodename info:(virtual-filename) info:(virtual-filename)nodename
This scheme refers to online info reference pages (generated from texinfo files), a documentation format used by programs such as the GNU tools. This URI scheme is unique to Unix-like systems (such as Linux) and is not currently registered by the IETF. As of this writing, GNOME and KDE differ in their URI syntax and do not accept the other's syntax. The first two formats are the GNOME format; in nodenames all spaces are written as underscores. The second two formats are the KDE format; spaces in nodenames must be written as spaces, even though this is forbidden by the URI standards. It's hoped that in the future most tools will understand all of these formats and will always accept underscores for spaces in nodenames. In both GNOME and KDE, if the form without the nodename is used the nodename is assumed to be
whatis - Documentation search
This scheme searches the database of short (one-line) descriptions of commands and returns a list of descriptions containing that string. Only complete word matches are returned. See whatis(1). This URI scheme is unique to Unix-like systems (such as Linux) and is not currently registered by the IETF.
ghelp - GNOME help documentation
This loads GNOME help for the given application. Note that not much documentation currently exists in this format.
ldap - Lightweight Directory Access Protocol
ldap://hostport ldap://hostport/ ldap://hostport/dn ldap://hostport/dn?attributes ldap://hostport/dn?attributes?scope ldap://hostport/dn?attributes?scope?filter ldap://hostport/dn?attributes?scope?filter?extensions
This scheme supports queries to the Lightweight Directory Access Protocol (LDAP), a protocol for querying a set of servers for hierarchically-organized information (such as people and computing resources). More information on the LDAP URL scheme is available in RFC 2255. The components of this URL are:
the LDAP server to query, written as a hostname optionally followed by a colon and the port number. The default LDAP port is TCP port 389. If empty, the client determines which the LDAP server to use.
dn the LDAP Distinguished Name, which identifies the base object of the LDAP search (see RFC 2253 section 3).
a comma-separated list of attributes to be returned; see RFC 2251 section 4.1.5. If omitted, all attributes should be returned.
specifies the scope of the search, which can be one of
specifies the search filter (subset of entries to return). If omitted, all entries should be returned. See RFC 2254 section 4.
a comma-separated list of type=value pairs, where the =value portion may be omitted for options not requiring it. An extension prefixed with a '!' is critical (must be supported to be valid), otherwise it's non-critical (optional).
LDAP queries are easiest to explain by example. Here's a query that asks ldap.itd.umich.edu for information about the University of Michigan in the U.S.:
To just get its postal address attribute, request:
To ask a host.com at port 6666 for information about the person with common name (cn)
wais - Wide Area Information Servers
wais://hostport/database wais://hostport/database?search wais://hostport/database/wtype/wpath
This scheme designates a WAIS database, search, or document (see IETF RFC 1625 for more information on WAIS). Hostport is the hostname, optionally followed by a colon and port number (the default port number is 210).
The first form designates a WAIS database for searching. The second form designates a particular search of the WAIS database database. The third form designates a particular document within a WAIS database to be retrieved. wtype is the WAIS designation of the type of the object and wpath is the WAIS document-id.
URIs use a limited number of characters so that they can be typed in and used in a variety of situations.
The following characters are reserved, that is, they may appear in a URI but their use is limited to their reserved purpose (conflicting data must be escaped before forming the URI):
Unreserved characters may be included in a URI. Unreserved characters include include upper and lower case English letters, decimal digits, and the following limited set of punctuation marks and symbols:
All other characters must be escaped. An escaped octet is encoded as a character triplet, consisting of the percent character
Unreserved characters can be escaped without changing the semantics of the URI, but this should not be done unless the URI is being used in a context that does not allow the unescaped character to appear. For example,
For URIs which must handle characters outside the US ASCII character set, the HTML 4.01 specification (section B.2) and IETF RFC 2718 (section 2.2.5) recommend the following approach:
When written, URIs should be placed inside doublequotes (e.g., never move extraneous punctuation (such as the period ending a sentence or the comma in a list) inside a URI, since this will change the value of the URI. Instead, use angle brackets instead, or switch to a quoting system that never includes extraneous characters inside quotation marks. This latter system, called the 'new' or 'logical' quoting system by
Any tool accepting URIs (e.g., a web browser) on a Linux system should be able to handle (directly or indirectly) all of the schemes described here, including the man: and info: schemes. Handling them by invoking some other program is fine and in fact encouraged.
Technically the fragment isn't part of the URI.
For information on how to embed URIs (including URLs) in a data format, see documentation on that format. HTML uses the format uritext uri''}. Man and mdoc have the recently-added UR macro, or just include the URI in the text (viewers should be able to detect :// as part of a URI).
A URI does not in itself pose a security threat. There is no general guarantee that a URL, which at one time located a given resource, will continue to do so. Nor is there any guarantee that a URL will not locate a different resource at some later point in time; such a guarantee can only be obtained from the person(s) controlling that namespace and the resource in question.
It is sometimes possible to construct a URL such that an attempt to perform a seemingly harmless operation, such as the retrieval of an entity associated with the resource, will in fact cause a possibly damaging remote operation to occur. The unsafe URL is typically constructed by specifying a port number other than that reserved for the network protocol in question. The client unwittingly contacts a site that is in fact running a different protocol. The content of the URL contains instructions that, when interpreted according to this other protocol, cause an unexpected operation. An example has been the use of a gopher URL to cause an unintended or impersonating message to be sent via a SMTP server.
Caution should be used when using any URL that specifies a port number other than the default for the protocol, especially when it is a number within the reserved space.
Care should be taken when a URI contains escaped delimiters for a given protocol (for example, CR and LF characters for telnet protocols) that these are not unescaped before transmission. This might violate the protocol, but avoids the potential for such characters to be used to simulate an extra operation or parameter in that protocol, which might lead to an unexpected and possibly harmful remote operation to be performed.
Documentation may be placed in a variety of locations, so there currently isn't a good URI scheme for general online documentation in arbitrary formats. References of the form
Many programs and file formats don't include a way to incorporate or implement links using URIs.