W3C home > Mailing lists > Public > public-webapi@w3.org > April 2006

Re: XHR: restrictions on request headers

From: Jim Ley <jim@jibbering.com>
Date: Fri, 14 Apr 2006 09:14:25 +0100
Message-ID: <003601c65f9b$72b1c3a0$2402a8c0@Snufkin>
To: "Web APIs WG" <public-webapi@w3.org>

"Jonas Sicking" <jonas@sicking.cc>
> I'm not sure I understand the use case. Do you need to be able to send any 
> combination of headers as was repeated earlier by another UA? If so I 
> don't think we can ever archive that functionality since there will always 
> be some headers that we want to limit.

Limiting some for specific security reasons are fine - the browser will 
limit all of those regardless of what the spec says anyway - but limiting 
them for any other reason - stopping someone shooting them in the foot is 
not.  The vast majority of changing accept headers will work, as the 
browsers do support multiple encodings.

Jim. 
Received on Friday, 14 April 2006 08:16:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:54 GMT