W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2013

Re: Permitted characters for http keys

From: Mark Nottingham <mnot@mnot.net>
Date: Mon, 25 Feb 2013 21:33:51 +1100
Cc: Roberto Peon <grmocg@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <6077F1B2-B449-4FE7-8781-EC61DBB5420D@mnot.net>
To: Martin J. Dürst <duerst@it.aoyama.ac.jp>
Right now, the syntax is:

  header-field   = field-name ":" OWS field-value BWS
  field-name     = token
  token          = 1*tchar
  tchar          = "!" / "#" / "$" / "%" / "&" / "'" / "*"
                    / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" 
                    / DIGIT / ALPHA ; any VCHAR, except special



On 25/02/2013, at 7:57 PM, Martin J. Dürst <duerst@it.aoyama.ac.jp> wrote:

> Hello Roberto,
> 
> What do you mean with "header key"? Do you mean header field names? E.g. the "Host" in the host header (field), and so on?
> 
> In that case, I agree. Please note that [RFC5322] allows all US-ASCII printable characters except ":" in optional header field names (Section 3.6.8). I had to learn this (and the "header field", "header field name",... terminology) while working on RFC 6068.
> 
> I'm not sure this also applies to HTTP, but it may as well do so. Of course, a header field name like "^$&%*@(!]" really makes no sense at all, but that's a separate issue.
> 
> Regards,   Martin.
> 
> On 2013/02/20 5:45, Roberto Peon wrote:
>> Right now I believe we allow a wider encoding for HTTP keys than is
>> necessary.
>> 
>> Does anyone know of any non-crazy use for character values>  127 in the
>> header keys (because I really can't think of any)?
>> 
>> -=R
>> 
> 

--
Mark Nottingham   http://www.mnot.net/
Received on Monday, 25 February 2013 10:34:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 25 February 2013 10:34:24 GMT