On Wed, 7 Jun 2006, Mark Nottingham wrote: > > Blindly standardising what one vendor does doesn't make sense; do you > know *why* they consider it a security feature? > > The reputed security problems with various HTTP methods have been > brought up many times, but I have yet to see an explanation of how they > actually cause a security issue greater than supporting POST does. Beyond curiosity, does it matter why? There's no point us publishing a spec that contradicts Microsoft's implementation if Microsoft's implementation is not going to change (which it isn't, if the reason for it being the way it is is Security). -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'Received on Wednesday, 7 June 2006 23:41:46 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:55 GMT