W3C home > Mailing lists > Public > public-webapi@w3.org > April 2006

Re: XHR: restrictions on request headers

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 12 Apr 2006 01:53:30 +0200
Message-ID: <443C417A.2090307@gmx.de>
To: Ian Hickson <ian@hixie.ch>
CC: Maciej Stachowiak <mjs@apple.com>, Web APIs WG <public-webapi@w3.org>

Ian Hickson wrote:
> ...
> But I would add one more. Authors are stupid. We shouldn't provide them 
> with features whose only possible use is for them to shoot themselves in 
> the foot. In other words, I would phrase the question not as "which 
> headers should we restrict", but "which headers should we allow", and only 
> allow those that have valid use cases.
> ...

How do you do that, when the set of headers with potential use cases is 
open-ended?

For instance, would "Destination", "Apply-To-Redirect-Ref" or "If" qualify?

Best regards, Julian
Received on Wednesday, 12 April 2006 00:02:33 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:54 GMT