W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2007

Re: Message delimiting security issues

From: Travis Snoozy <ai2097@users.sourceforge.net>
Date: Wed, 17 Jan 2007 09:02:28 -0800
To: Henrik Nordstrom <henrik@henriknordstrom.net>, "William A. Rowe, Jr." <wrowe@rowe-clan.net>, Mark Nottingham <mnot@mnot.net>, Scott Lawrence <scott@skrb.org>, "Roy T.Fielding" <fielding@gbiv.com>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <20070117170228.GD19417@smote> 
On Wed, Jan 17, 2007 at 08:42:40AM -0800, Travis Snoozy wrote:
> On Wed, Jan 17, 2007 at 11:47:33AM +0100, Henrik Nordstrom wrote:
> <snip>
> > Does the implied LWS rule apply to header names, even if it's not
> > allowed in MIME? Allowing LWS around the header name does not make
> > sense, but it is not explicitly forbidden.
> 
> LWS is not allowed.
>

... if you summarily dismiss the "implied LWS rule." Yes, LWS is allowed between
tokens and separators. My mistake; I'm used to BNF explicitly specifying exactly
what can and cannot happen, and not making implicit back-references.

LWS SHOULD NOT be allowed.

-- 
Travis
Received on Wednesday, 17 January 2007 17:02:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:00 GMT