I think that the right way to do this is find the situations where comparison functions aren't well-defined, and tighten those up. ETag doesn't seem like it needs this (while the definition of the comparison function is a bit informal, there's not much wiggle room for getting it wrong, as Julian points out). Digest seems like it might; where else? Cheers, On 30/10/2007, at 5:37 AM, Geoffrey Sneddon wrote: > On 29 Oct 2007, at 02:06, Henrik Nordstrom wrote: > >> To compare two quoted-string elements you need to dequote them >> including >> removing escapes, but in practice it doesn't matter much as people >> are >> not usually escaping things within quoted-string unless needed (but >> sometimes forget when needed, partly due to poor specifications, >> already >> fixed). >> >> This is quite notable in for example Digest authentication where >> proper >> handling of quoted-string is required for the hashes to compute >> properly >> as they are based on the value as such and not the quoted-string >> representation. (i.e a login name with " or \ in it..) >> >> It's in theory also needed for ETag processing, but it's less >> noticeable >> as impacts on the protocol of getting this wrong is pretty minimal. > > Can we put something like the above quotation into the spec, so it > is actually spelt out somewhere (as it currently isn't, at all)? > > All the best, > > Geoffrey Sneddon. > -- Mark Nottingham http://www.mnot.net/Received on Monday, 12 November 2007 05:56:27 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:23 GMT