W3C home > Mailing lists > Public > public-webapi@w3.org > April 2006

Re: XHR: restrictions on request headers

From: Maciej Stachowiak <mjs@apple.com>
Date: Tue, 11 Apr 2006 01:51:27 -0700
Message-Id: <E1428F70-F911-4F0F-9E51-BE6FCBAFE6B8@apple.com>
Cc: Web APIs WG <public-webapi@w3.org>
To: Jonas Sicking <jonas@sicking.cc>

On Apr 10, 2006, at 7:43 PM, Jonas Sicking wrote:

>> I would tentatively say the following are not valid reasons to  
>> restrict a header:
>> 4) It could result in content that the UA might not be able to  
>> parse as text or as XML (this can happen anyway with no custom  
>> headers).
> If a header will always cause the UA to not be able to parse the  
> response as neither text or XML then I think that could be  
> disallowed. There is no point in giving users a tool if the only  
> thing they can do with it is shoot themselfs in the foot.
> However I'm not sure if there are any such headers though, so this  
> might be a moot point.

If it would always cause that, sure (although we'd have to remove the  
restriction if we ever allowed binary access to the result body). But  
some people have proposed banning headers that could sometimes do  
that, and sometimes be used for useful purposes, like Accept-Charset,  
and I'm don't think that's a situation where it is appropriate to  
restrict. (I think almost any header could, in some imagined world,  
result in an unparseable response...)

Received on Tuesday, 11 April 2006 08:51:53 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:16:21 UTC