W3C home > Mailing lists > Public > public-webapi@w3.org > April 2006

Re: Some XHR comments

From: Cameron McCormack <cam@mcc.id.au>
Date: Wed, 5 Apr 2006 18:20:37 +1000
To: "Web APIs WG (public)" <public-webapi@w3.org>
Message-ID: <20060405082037.GB24695@port.mcc.id.au>

Cameron McCormack:
> >I don't see any reason (except for the stated goal of finding a common
> >baseline on all implementations) to exclude some HTTP headers.

Anne van Kesteren:
> You mean methods? What about methods other specifications are introducing?

Sorry, yes, methods.  What's the possible reason for restricting the
method sent at all?  Are there any security implications for allowing
any syntactically valid method and just leave it up to the server to
decide what is appropriate (given same-host connection restrictions)?
Maybe CONNECT's potential for bad outweighs the good...

-- 
 Cameron McCormack			ICQ: 26955922
 cam (at) mcc.id.au			MSN: cam (at) mcc.id.au
 http://mcc.id.au/			JBR: heycam (at) jabber.org
Received on Wednesday, 5 April 2006 08:20:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:54 GMT