W3C home > Mailing lists > Public > public-webapi@w3.org > May 2006

Re: Headers / caches proposal (revised)

From: Mark Baker <distobj@acm.org>
Date: Tue, 2 May 2006 16:24:47 -0700
Message-ID: <c70bc85d0605021624h4577605fic4dbb2aac3404287@mail.gmail.com>
To: "Web APIs WG (public)" <public-webapi@w3.org>

I had the same concern, and we discussed it[1] at the f2f and agreed
on the same syntactical limitations you described.  Unfortunately, it
doesn't look like anybody took an action to fix the text.  Want to
propose something?

We didn't discuss the other considerations you mentioned, nor do I
personally think we need to, but again, feel free to propose
something.

 [1] http://www.w3.org/2006/05/01-webapi-minutes.html#item09 (member access)

Mark.

On 5/1/06, Cameron McCormack <cam@mcc.id.au> wrote:
> [re: setRequestHeader]
> > 2) Nothing must be done if the header or value arguments contain any U
> > +000A LINE FEED or U+000D CARRIAGE RETURN characters, or if the
> > header argument contains any U+0020 SPACE or U+003A COLON charecters.
>
> What if headers or values contain other inappropriate characters?
> Headers should contain only ASCII characters in the range 33--126 minus
> these:
>
>   []()<>@,;:\"/?={}
>
> and values can contain only ASCII characters in the range 32--126, plus
> tab.
>
> If you don't want to restrict the headers to be valid in terms of the
> characters sent (and mind you there are other validity constraints, such
> as only allowing multiple same headers for those that are defined to
> take comma-separated lists, or enforcing proper quoting for those that
> take quoted-strings), then at least it should be defined as to what
> should happen when strings are passed that contain characters outside of
> ASCII.
>
> --
>  Cameron McCormack                      ICQ: 26955922
>  cam (at) mcc.id.au                     MSN: cam (at) mcc.id.au
>  http://mcc.id.au/                      JBR: heycam (at) jabber.org
>
>
Received on Tuesday, 2 May 2006 23:25:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:55 GMT