The 1.0 Standard specifies external file naming as follows:
7.6.1
******* Filenames have the following format (approximately the MS-DOS 8.3 rule): one to eight alphanumeric characters, a full stop and zero to three alphanumeric characters (the “file extension”).
7.6.1.1
The interpreter must convert all filenames to upper case before use. If no full stop is given, “.AUX” should be appended.
7.6.1.2
Games should avoid the extensions “.INF”, “.H”, “.Z” followed by a number or “.SAV”: otherwise they may be in danger of erasing their own object code, source code or saved game files.
The 1.1 Standard allows for games to explicitly avoid prompting the user for a filename when creating new files, which opens up the possibility of all sorts of dangerous behaviour. The file naming section was hastily updated to try to mitigate this problem, but in its current state (on inform-fiction.org) it is slightly contradictory and also manages to refer to interpreters as ‘the library’.
I have attempted to rewrite it with a bit more clarity:
7.6.1
***[1.1] The game can pass any string to the interpreter to be used as a filename. In all cases the interpreter will convert the string to an appropriate filename.
It is no longer required that interpreters or games stick to the format specified in previous versions of this Standard (approximately the MS-DOS 8.3 rule), but it is given here for reference: one to eight alphanumeric characters, a full stop and zero to three alphanumeric characters (the “file extension”).
7.6.1.1
The interpreter must convert all filenames to upper case before use.
7.6.1.2
***[1.1] The interpreter should delete from the filename any characters illegal for a filename. This will include all of the following characters (and more, if the OS requires it): slash, backslash, angle brackets (less-than and greater-than), colon, double-quote, pipe (vertical bar), question-mark, asterisk. The library should also truncate the filename at the first full stop (delete the first full stop and any following characters). If the result is the empty string, change it to the string “NULL”.
Although the interpreter should truncate the filename at the first full stop, games should be safe and avoid extensions such as “.INF”, “.H”, “.ZIL”, “.ZAP”, “.Z” followed by a number, or “.SAV”: otherwise they may be in danger of erasing their own object code, source code or saved game files.
7.6.1.3
***[1.1] The interpreter may add any appropriate file extension (that is, a full stop followed by a further string that identifies the type of the file) to the filename. Previous versions of this Standard suggested a default file extension of “.AUX”, but this is not a requirement.
7.6.1.4
***[1.1] The interpreter may save the file in a location other than the location of the game file, but it should ensure that the file is easily accessible to users outside of the game, to allow the files to be moved to other locations or devices.
7.6.1.5
***[1.1] When reading a file without using a prompt to the user, the interpreter may choose to search for the file using any algorithm of its choice, starting from the argument the game passes. For example, if the argument specifies a filename containing a file extension, the interpreter may choose to look for a filename with that extension and read it if it is found.