W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2008

RE: Overlapping ranges

From: Yves Lafon <ylafon@w3.org>
Date: Tue, 14 Oct 2008 10:37:08 -0400 (EDT)
To: Brian Smith <brian@briansmith.org>
cc: 'Stefanos Harhalakis' <v13@v13.gr>, 'Julian Reschke' <julian.reschke@gmx.de>, ietf-http-wg@w3.org
Message-ID: <Pine.LNX.4.64.0810141034090.21954@ubzre.j3.bet>

On Mon, 13 Oct 2008, Brian Smith wrote:

> Yves Lafon wrote:
>> On Sun, 12 Oct 2008, Stefanos Harhalakis wrote:
>> In the same vein, refusing overlapping range request that
>> would be bigger than exporting the whole document (and
>> serving the document instead) seems to be a sane
>> implementation choice, but the spec shouldn't cover all
>> those corner cases, IMHO.
>
> I agree that the specification doesn't need to be ammended to allow the
> server to refuse these requests since the server can already refuse them.
> However, it should be mentioned in the security considerations.

Agreed. and it's the case for all known security issues.

-- 
Baroula que barouleras, au tiéu toujou t'entourneras.

         ~~Yves
Received on Tuesday, 14 October 2008 14:37:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:56 GMT