On Sun, 21 Dec 2008, Jamie Lokier wrote: > David Morris wrote: > > A few leading zeros sent by a sloppy program won't impact the network. > > What about a million leading zeros in a chunk header from a malicious > program? Should implementations be expected to accept that? An implementation can always set limits to protect itself. That is just good programming. Certainly the HTTP specification doesn't have to describe common sense. > > Also, is it permitted for a proxy to change Content-Length by removing > leading zeros? Of course, just like a proxy is free to convert chunked encoding to explict content length. Or in the right circumstances, the converse. > > -- Jamie >Received on Sunday, 21 December 2008 04:50:32 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:38:34 GMT