W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2011

Sec-* headers

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Mon, 21 Feb 2011 22:14:42 +0100
To: ietf-http-wg@w3.org
Message-ID: <m2l5m69u3trptk7c6o84p59821m75mske4@hive.bjoern.hoehrmann.de>
Hi,

  Over in the hybi Working Group the issue of "Sec-*" headers came up.
The XMLHttpRequest draft says "Header names starting with Sec- are not
allowed to be set to allow new headers to be minted that are guaranteed
not to come from XMLHttpRequest." It seems to me that if "Sec-*" headers
are somehow special, that is something the core specifications needs to
mention, like in the header registration specification, but I could not
find anything there from a quick look.

regards,
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Monday, 21 February 2011 21:15:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:37 GMT